IoT Security Standards & Collaboration

“The level of influence members have is directly proportional to their level of desired participation”
Thorsten Stremlau, TCG’s marketing chair. TCG has been answering the call for better device security since its genesis as the Trusted Computing Platform Association (TCPA) in the late 1990s. In 2003, the organization evolved into its current state and now TCG encompasses the world’s leading device manufacturers, government regulators, research and academic institutions, other standards organizations, and IoT companies. 

TCG is a diverse organization that works with a wide range of companies located around the world. Its members come in all sizes. Members include many smaller start-ups as well as the world’s leading software and hardware companies. TCG’s board of directors includes distinguished members from companies such as AMD, Dell, Fujitsu, Huawei, HP, IBM, Infineon, Intel, Lenovo, Juniper, and Microsoft. TCG works with global governments, standards bodies such as NIST, security experts, and key research and academic institutions to identify, define, develop, produce and promote security standards generated by nearly 20 different working groups. Its members leverage, adopt, refine, and use the IoT Security Standards TCG develops to implement the latest IoT security protocols.

TCG’s many workgroups focus on specific security areas such as cloud, cyber resilience, cybersecurity,  industrial, IoT, mobile, and PC to name a few. It also provides a resource center where security professionals can go to view and download FAQs, specifications, reference documents webcasts, white papers, and more.

Getting involved

TCG has several levels of participation and membership. At the Adopter level, members can consume the IoT security standards and related content, and have limited input into standards development. Contributors fully participate in the development formation of standards, including early review of standards and standards voting rights. Promoter is the highest level of membership, enabling the most access with participation into technical committees, which act as an arm of the board of directors. Individual Liaison members are also selected from key subject matter experts, government organizations, researchers, and academics.

“The level of influence members have is directly proportional to their level of desired participation,” Nelson told Pipeline. “Members can join at the Adopter level in “read-only” mode to consume standards and specification and apply it to their business—and at the next level up—Contributor members can fully participate in the formation of standards.”

“Hardware-based security is the foundation for much of what we do, which has never been more important,” Borchert commented. “As security has evolved, we have continued to develop standards in all their forms, including many different use cases for securing data on the device, in transit, and located in the cloud.”

“Everyone that is developing hardware or software products we feel should want to participate in the standards that TCG is working on now,” added Stremlau. “We’ve seen a significant peak in demand from our members for use cases for securing everything from embedded webcams to secure satellite communication, and from the world’s leading technical innovators, who are looking to contribute to the development of security standards.”

Stremlau then went on to underscore the importance and ubiquitous aspect of data security and how it permeates virtually every workgroup.

“TCG has many workgroups that are developing standards that can be used across hundreds of different applications, and data security is a key current that runs through each of them.”

Participation is paramount 

TCG’s framework works as building blocks that enable organizations to pick and choose which elements of their standard and what level of participation are right for them. The TCG standards can be applied across all vertical IoT markets. TCG and its members have been hard at work developing security standards at a time when they are so critically important. But prevention does require effort.

Whether you are developing the next connected device, car, or “thing,” there are many ways to start getting involved, from consuming the TCG standards and specifications, to actively contributing in committees and workgroups, and even driving the topical areas on which those groups focus. We've seen that the cost of not acting has been high in the past, and failing to act now may cost you a lot more in the future.


Latest Updates

Subscribe to our YouTube Channel