OWASP Internet of Things Project


The OWASP Internet of Things Project is designed to help manufacturers, developers, and consumers better understand the security issues associated with the Internet of Things, and to enable users in any context to make better security decisions when building, deploying, or assessing IoT technologies. The project looks to define a structure for various IoT sub-projects such as Attack Surface Areas, Testing Guides and Top Vulnerabilities.

Iot project

Resources from Owasp.org

Why

The purpose of the Internet of Things Security project is to create concise, transparent, and usable resources for various people who are purchasing, deploying, creating, testing, and otherwise interacting with IoT technologies.

What

This session will be about the various sub-projects in the project, including:

  • Attack Surfaces
  • Top Vulnerabilities
  • ICS/SCADA
  • Medical Devices
  • IoT Testing Guide
  • The structure of the project
  • Recommendations for additional sub-projects
  • and more…

Outcomes

  1. We get each section of the project (sub-projects) to a working state that participants agree are a solid starting point
  2. We have a committed project leader for each sub-project, and we have next steps for each of these
  3. We have plan for spreading the word about the project and its sub-projects to the world
  4. We have an interaction plan for reaching out to other IoT project leaders for cooperation
  5. We have an outline for one-pagers for the Attack Surfaces and Top Vulnerabilities that can be used as quick-look guidelines for developers

Who

The ideal participants here are people with some experience of IoT, either from the building, deploying, or testing worlds. We’re looking for people with ideas around improving the existing sub-projects, taking on one of the sub-projects, starting a new one, or any combination of these.


Working materials

  1. Draft starting points for each section of the project (sub-projects)
  2. Potential candidate(s) for project leader for each sub-project, and we have next steps for each of these
  3. Draft plan for spreading the word about the project and its sub-projects to the world
  4. Draft interaction plan for reaching out to other IoT project leaders for cooperation
  5. Outline for one-pagers for the Attack Surfaces and Top Vulnerabilities that can be used as quick-look guidelines for developers

Content

… Add content …



Back to list of all Working Sessions and Tracks

Edit this page here