The IoT device can be uniquely identified logically and physically.
A unique logical identifier
A unique physical identifier at an external or internal location on the device authorized entities can access
The configuration of the IoT device’s software can be changed, and such changes can be performed by authorized entities only.
The ability to change the device’s software configuration settings
The ability to restrict configuration changes to authorized entities only
The ability for authorized entities to restore the device to a secure configuration defined by an authorized entity
The IoT device can protect the data it stores and transmits from unauthorized access and modification.
The ability to use demonstrably secure cryptographic modules for standardized cryptographic algorithms (e.g., encryption with authentication, cryptographic hashes, digital signature validation) to prevent the confidentiality and integrity of the device’s stored and transmitted data from being compromised
The ability for authorized entities to render all data on the device inaccessible by all entities, whether previously authorized or not (e.g., through a wipe of internal storage, destruction of cryptographic keys for encrypted data)
Configuration settings for use with the Device Configuration capability including, but not limited to, the ability for authorized entities to configure the cryptography use itself, such as choosing a key length
The IoT device can restrict logical access to its local and network interfaces, and the protocols and services used by those interfaces, to authorized entities only.
The ability to logically or physically disable any local and network interfaces that are not necessary for the core functionality of the device
The ability to logically restrict access to each network interface to only authorized entities (e.g., device authentication, user authentication)
Configuration settings for use with the Device Configuration capability including, but not limited to, the ability to enable, disable, and adjust thresholds for any ability the device might have to lock or disable an account or to delay additional authentication attempts after too many failed authentication attempts
The IoT device’s software can be updated by authorized entities only using a secure and configurable mechanism.
The ability to update the device’s software through remote (e.g., network download) and/or local means (e.g., removable media)
The ability to verify and authenticate any update before installing it
The ability for authorized entities to roll back updated software to a previous version
The ability to restrict updating actions to authorized entities only
The ability to enable or disable updating
Configuration settings for use with the Device Configuration capability including, but not limited to:
a. The ability to configure any remote update mechanisms to be either automatically or manually initiated for update downloads and installations
b. The ability to enable or disable notification when an update is available and specify who or what is to be notified
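Added example (not part of the original baseline text): one way a device could order the software update checks listed above, covering the enable/disable setting, the authorized-entity restriction, verification and authentication of the update, and explicit rollback. All names are hypothetical, the key and images are constructed sample values, and a shared-key HMAC stands in for the digital signature a real device would validate.

```python
import hashlib
import hmac
from dataclasses import dataclass

# Hypothetical names throughout. A shared-key HMAC stands in for the digital
# signature a real device would validate against a vendor public key.

@dataclass
class UpdateConfig:
    updates_enabled: bool = True  # "enable or disable updating"
    authorized: frozenset = frozenset({"vendor-ota", "local-admin"})

@dataclass
class Manifest:
    version: int
    sha256: str  # hex digest of the firmware image
    tag: str     # hex HMAC over "version:sha256"

def _tag(key: bytes, version: int, digest: str) -> str:
    return hmac.new(key, f"{version}:{digest}".encode(), hashlib.sha256).hexdigest()

def sign_manifest(key: bytes, version: int, image: bytes) -> Manifest:
    """Vendor side: bind the version number to the image digest."""
    digest = hashlib.sha256(image).hexdigest()
    return Manifest(version, digest, _tag(key, version, digest))

def check_update(cfg, key, requester, installed, manifest, image, rollback=False):
    """Device side: return "accepted" or the first reason for rejection."""
    if not cfg.updates_enabled:
        return "rejected: updating disabled"
    if requester not in cfg.authorized:
        return "rejected: requester not authorized"
    # Authenticate the manifest before trusting any field in it.
    if not hmac.compare_digest(_tag(key, manifest.version, manifest.sha256), manifest.tag):
        return "rejected: manifest not authentic"
    # Verify the image is the one the manifest describes.
    if not hmac.compare_digest(hashlib.sha256(image).hexdigest(), manifest.sha256):
        return "rejected: image digest mismatch"
    # Older or equal versions install only as an explicit rollback request.
    if manifest.version <= installed and not rollback:
        return "rejected: not newer than installed version"
    return "accepted"

if __name__ == "__main__":
    key = b"constructed-demo-key"  # constructed sample values
    image = b"firmware image v2"
    print(check_update(UpdateConfig(), key, "vendor-ota", 1,
                       sign_manifest(key, 2, image), image))
```

A rollback image passes through the same authenticity and integrity checks as a forward update; only the version comparison is relaxed.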
The IoT device can report on its cybersecurity state and make that information accessible to authorized entities only.
The ability to report the device’s cybersecurity state
The ability to differentiate between when a device will likely operate as expected and when it may be in a degraded cybersecurity state
The ability to restrict access to the state indicator so only authorized entities can view it
The ability to prevent any entities (authorized or unauthorized) from editing the state except for those entities that are responsible for maintaining the device’s state information
The ability to make the state information available to a service on another device, such as an event/state log server