GlobalPlatform launches IoT security framework

IoTopia provides a blueprint for device makers to secure IoT devices and services across all markets and geographies.

  • 5 years ago Posted in

Building on GlobalPlatform’s previous work to secure the IoT, IoTopia proposes a common framework for standardizing the design, certification, deployment and management of IoT devices. IoTopia device security will be testable and meet vertical and geographical market requirements by building upon the following four foundational pillars:


  1. Security by Design: capabilities and features that go beyond best practice and define how secure components and APIs can be used with existing secure by design standards.
  2. Device Intent: IoTopia leverages IETF’s manufacturer usage descriptions (MUD) and uniform resource identifier (URI) to effectively manage device permissions and access on networks.
  3. Autonomous, Scalable, Secure Device Onboarding (SDO): IoTopia will offer an open, standards-based secure onboarding process to streamline network administration.
  4. Device Lifecycle Management: a range of features and capabilities to manage devices throughout their entire lifecycle, including updates and maintenance to services, in line with international regulations.

“The IoT ecosystem needs to get serious about cybersecurity. Many of today’s connected objects do more than simply provide information at your fingertips – they make use of sensitive data, gather information and even impact the physical world, in many cases in critical ways,” comments Kevin Gillick, GlobalPlatform Executive Director. “In light of this, there is a need for ubiquitous and standardized end-point and network security to prevent devices from becoming an entry point into a network or a platform for attacks. These are serious security concerns that need to be addressed to realize the market potential of IoT – which is why we have launched IoTopia.”

The use of proven, internationally deployed GlobalPlatform technologies to bring trust to the IoT ecosystem will also ensure that compliance with the baseline requires low to no additional costs for device makers.

“IoTopia will provide a detailed but executable framework that is standards-based, industry-wide and able to evolve as security capabilities and requirements change,” adds Russ Gyurek, GlobalPlatform IoTopia Committee Chair. “Importantly, IoTopia is bringing together global and regional guidelines and requirements to help device manufacturers build products and services that satisfy regulatory mandates. This offers the flexible security blueprint that is needed for device makers to build secure devices without having to become cybersecurity companies or experts.”

Kevin adds: “GlobalPlatform has a long history of successful standardization and certification work, which is already adding value to the IoT ecosystem. Our membership stretches across the entire IoT value chain, perfectly placed to go beyond simply defining best practice and help the market to actually implement security for IoT devices and services.”

Beacon, NY, Dec 20, 2024– DocuWare unveils its AI-powered Intelligent Document Processing...
85% of IT decision makers surveyed reported progress in their companies’ 2024 AI strategy, with...
Lopitaux joins as global companies embrace GenAI solutions at scale and look to build their own...
Predictive maintenance and forecasting for security and failures will be a growing area for MSPs...
NVIDIA continues to dominate the AI hardware market: powering over 2x the enterprise AI deployments...
Hitachi Vantara survey finds data demands to triple by 2026, highlighting critical role of data...
81% of enterprises plan to increase investments in AI-powered IT operations to accelerate...
Hitachi Vantara survey finds data demands to triple by 2026, highlighting critical role of data...