Publication Peer Review

CSA IoT Security Controls Framework v2
CSA IoT Security Controls Framework v2

CSA IoT Security Controls Framework v2

The IoT Security Controls Framework is relevant for enterprise IoT systems
that incorporate multiple types of connected devices, cloud services, and
networking technologies. The Framework has utility across many IoT domains
from systems processing only “low-value” data with limited impact
potential, to highly sensitive systems that support critical services. The
classification of a system is assigned by the system owner based on the
value of the data being stored and processed and the potential impact of
various types of physical security threats. 

Updates for version 2 include...

  • Updated Controls - All Controls have been reviewed and updated for
          technical clarity

  • New Domain Structure - Control domains have been reviewed and updated to
          better categorize each control.

  • New Legal Domain - Introduces relevant legal controls

  • New Security Testing Domain - Introduces Security testing of
         architectural allocations.

  • Simplified Infrastructure Allocations - Device types have been
          consolidated to a single type in order to simplify the allocation of
          controls to architectural components.

Request to Participate

CSA is a community driven organization. We would like to send you updates about our ongoing initiatives and opportunities to participate.

By opting into this agreement I am indicating that I want to receive email updates from CSA on related projects. (Marketing purposes, Section 3 of the Privacy Policy).