IoT Security Foundation

IoT Security Foundation

The IoT Security Foundation (IoTSF) was formed following the 2015 IoT Security Summit – a gathering of modern-day tech experts at the iconic Bletchley Park, who came together to explore IoT security issues. The Summit highlighted the urgent need to establish a coordinated international focus on security across the IoT application space. It was agreed to assemble a group to identify and take next steps to address some of the issues raised.

The IoTSF has established a number of priority working groups to help ensure they build an ‘Internet of Trust’. There are currently 5 priority working groups focusing on the following;

  • Self-certification scheme
    to determine appropriate requirements for a low-cost, accessible and fit-for-purpose system of self-certification in order to raise the standard of security in IoT products
  • Connected Consumer Products
    to produce security best practice guidelines for different classes of consumer devices
  • Patching constrained devices
    produce best practice guidance for systems deploying constrained-resource elements to ensure systems are maintained and updated over their life cycle
  • Responsible disclosure
    to educate the need for establishing a channel of communication and determining a framework of best practice for both researchers and companies to follow when a security vulnerability has been identified
  • IoT Security Landscape
    to map applications of IoT at a high level, from a system-wide and end to end perspective, to identify where vulnerabilities lie and inform future IoTSF work


Founding members include BT, Vodafone and ARM.

Find out more