Definition

Security requirements need to factor in cost of security failure(economic, social, environmental, etc), risk of attack, cost of implementation. Key requirements may include:
Secure boot
Encrypted communication
For devices that are capable, implementation of security software such as anti-malware, intrusion prevention systems, and even local firewalls
Device tampering detection
 
**Note: Should leverage work from ATIS Cybersecurity initiative which is looking at IoT device security attributes as part of the overall assessment of IoT security threats and recommended mitigations.

Range of Values

  • Medium
  • High