Our monthly meetings are open to all. The IoTSF ManySecured WG is about leveraging the power of the crowd – working on open technical standards, specifications and finding solutions first and foremost.
It is supporting the UKRI Digital Security by Design Challenge and the Secure Networking by Design (SNbD) project with the University of Oxford, NquiringMinds and TechWorks.
Our aim: “to reduce the threat and scale of remotely initiated cyber-attacks, securing the network against memory-based vulnerabilities.”
Current topics include:
1) Update on NIST – trusted onboarding
2) SBOM and device identity problem:
How does a device advertise its SBOM descriptor “securely”? –
a) review the problem
b) identification of similar problems : what’s out there?
c) outline of potential solutions: proposals required
d) next steps – planning
3) Device lifecycle policies
a) review/reminder of primary use cases
b) proposal: framing the life cycle (continuous assurance) problem – including MUD
c) outline of a potential evidence model (D3/VC based)
d) next steps
4) Economic model for vulnerability management
a) share of draft
b) request for contributions/authors
5) IoTSF conference track – potential topics on ManySecured and SNbD
We also encourage you to join our slack channel to participate in the project.
Slack invite: https://join.slack.com/t/manysecured/shared_invite/zt-1t1f6j582-y1Lvi0aEoItd2_EtvuGVCA
Please contact James Willison for registration details at [email protected]