INCITS/Internet of Things and Related Technologies Seeks Experts
INCITS/IoT, the US Technical Advisory Group to ISO/IEC JTC 1/SC 41 on the Internet of Things and Related Technologies, represents US interests in the development of international standards. The committee is actively working on foundational standards, interoperability, applications and use cases for the Internet of Things (IoT) and related technologies. These include applications in: industrial IoT, wearables, Smart Cities, utilities & Smart Grid, agriculture, societal and human factors in IoT based services, Integration of IoT and distributed ledger technologies (blockchain), and other vertical-specific applications.
The scope of the Internet of Things is vast, and its applications transcend economic sectors and can be integrated into seemingly endless end user markets, including home-based consumers, manufacturing processes, and industry.
- -The combined IoT market is comprised not only of devices, such as soil temperature/moisture sensors, actuating stepper motors in manufacturing equipment, webcams and home voice controllers, but also a variety of software solutions, including cloud-based infrastructure, communications platforms, analytics platforms, and Operating Systems. Trustworthiness within IoT systems therefore can be incredibly complex, requiring the protection of end users’ privacy and data by protecting the device and accompanying communications networks, cloud providers, data aggregators and analytics platforms, and any number of other related applications that are required for device functionality. Risk, therefore, must also be assessed across the IoT value chain, in ways that differ from traditional IT devices.
- -Unlike conventional IT systems, many IoT systems can interact with devices and modify device properties in the physical world in response to remote commands, such as in the case of a smart thermostat or an insulin pump. In the latter example, the risk of a ransomware or malware attack may have significant consequences on human health.
- -While there is no one internationally accepted definition of IoT, many definitions have arisen within economies, standards development bodies, think tanks, and industry associations and may have diverging definitions, potentially changing the scope of trustworthiness across the IoT value chain because of possible inconsistencies.
- -A key activity is to address IoT Trustworthiness concerns. IoT devices can be used by unauthorized third parties as access points to form networks of Internet-connected externally controlled devices, or “botnets.” Devices can be compromised and infected with malicious software. According to two Bain Consulting studies on barriers to uptake of IoT solutions, respondents listed security risks as their top concern.
- -The responsibility for securing these systems currently rests with IoT device manufacturers, systems integrators, service providers, and users that could control distinct parts of the IoT system from within varying legal jurisdictions. For example, the device could be manufactured in Asia and used in the United States, have its data transferred through a communications network to a backend server in Australia, to eventually be analyzed in Chile. In a globalized, complex IoT system, each component must be independently secured by their respective, responsible party. In the absence of specific, globally relevant IoT security control guidance and standards that could align IoT trustworthiness approaches across the value chain, attack surfaces and trustworthiness vulnerabilities may outpace current manufacturer security practices. Given the scope of IoT systems and the complexity of securing each component, sometimes across borders, existing global standards pertaining to trustworthiness risk management in conventional IT may not adequately address the unique challenges of IoT systems.
Members of INCITS/IoT have the unique opportunity to make their voices heard on the development of standards and uses cases on IoT and related technologies. This group also provides the opportunity to collaborate with experienced peers while serving the broader community of service organizations. Join the current INCITS/IoT members Avail Medsystems, Dell, Discover Card, DoD, Evanhoe & Associates, Farance Inc, Hitachi Vantara, Intel, ITRI, John Deere, Lockheed Martin, Microsoft, Oracle, NIST, NSA, VMware and WSN Technologies, in this work.
Membership provides the opportunity for international leadership roles for project leader/editor, Convenors.
Members participate in virtual meetings and one to two face-to-face meetings per year. They are encouraged to contribute in the development of international standards related to IoT. All members are also eligible to attend national and international meetings; the next two INCITS/IoT meetings are scheduled for September 14 and October 9, 2020. To learn more about membership in INCITS/IoT, visit http://www.incits.org/participation/membership-info or contact Lynn Barra at Lbarra@itic.org.