IoT Security Foundation launches new group for device identity

The IoT Security Foundation has announced the formation of a Device Identities Working Group aimed at strengthening the security of Internet of Things devices through the development of trusted device identities.

The new working group was formed alongside the release of a white paper titled "Building a System of Trust: The Power of Device Identities." The paper discusses the fundamental importance of device identities in constructing a secure chain of trust, spanning from early hardware stages through to the system level, and highlights the potential benefits for collaborative efforts across the supply chain.

The Device Identities Working Group will be chaired by Michael Richardson, of Sandelman Software Works, and supported by Richard Seward, Vice-President of Product Management at Device Authority, as Vice-Chair. According to the Foundation, the group's main objectives include raising awareness, simplifying the process of adopting device identities, and developing best practices for identity provisioning.

John Moor, Managing Director of the IoT Security Foundation, commented: "IoTSF has a strong track record of driving impactful initiatives in IoT security, and the Device Identities Working Group is our latest step forward. Device identities are the foundation of trust in IoT, and this working group will unite the industry to tackle challenges like awareness and use cases. We invite everyone to download the white paper and join us in shaping a secure IoT future."

Michael Richardson, Chair of the Working Group, said: "Device identities are critical to verifying authenticity and securing IoT systems at scale. This working group offers a unique opportunity to collaborate on solutions that will safeguard billions of devices. I encourage all stakeholders to engage with the working group and join our mission."

Richard Seward, Vice-Chair, emphasised the broader impact of device identities: "The potential of device identities extends far beyond security - they enable interoperability and lifecycle management. Our first meeting will outline the group's purpose and the urgent need for coordinated action. We're excited to welcome both members and interested parties to this vital conversation."

The Foundation has invited all interested parties, including both members and non-members, to download the newly released white paper and to participate in the working group's inaugural online meeting. The online session is scheduled to take place on 15 May 2025 at 2pm BST and will set out the goals of the working group and the importance of device identity solutions in the current IoT environment.

The launch of the Device Identities Working Group follows a series of prior initiatives led by the IoT Security Foundation targeting key security challenges in the IoT space. Device identity has become an area of focus as the proliferation of connected devices has brought new vulnerabilities and requirements for robust security practices across industries.

The Foundation's new white paper outlines how device identity underpins secure connectivity and data management at scale, and calls for greater collaboration between manufacturers, service providers, and technology firms to standardise and broadly implement solutions.

Those leading the working group have signalled an intention to address a range of pressing concerns, including promoting understanding of device identity's role in risk mitigation, as well as facilitating interoperability and comprehensive device lifecycle management.