This is a set of principles that we think any connected product manufacturer, team or founder would use to make a responsible, secure, well designed connected product.

Please note we use particular definitions of the terms device, gateway and backend.

These are the principles of the Open Internet of Things Mark as of June 14th 2018. This work by iotmark.org is licensed under Creative Commons BY-SA 4.0.

Privacy

MUST HAVE

  • The connected product supplied by the organisation is compliant with the highest standard in data protection (e.g. GDPR).


Permissions

MUST HAVE

  • The organisation gives users the ability to transfer ownership of the device.
  • When ownership of a device is transferred, the new user doesn’t have access to the previous user’s data.

Transparency

MUST HAVE

  • The organisation makes it explicit to the user what the implications of substantially changing usage of the device are.
  • The organisation makes explicit the expected duration of the terms of service.
  • The organisation asks the explicit permission of the customer when it wants to change the length of the terms of service.
  • The organisation informs the user about firmware upgrades.


Security

MUST HAVE

  • The organisation enforces a strong user identity policy.
  • The organisation has clear admin user management policies.
  • The organisation provides minimum cryptographic security on its backend & secure configuration.
  • The device firmware is compliant with industry security standards.

NICE TO HAVE

  • The organisation implements reliable and appropriate backend patching procedures which are evidenced.
  • The device uses strong cryptographic schemes.

BEST CASE SCENARIO

  • The organisation’s backend implements additional secure setup options.


Lifecycle

MUST HAVE

  • The organisation is clear about the expected lifetime of the service provided by the device and backend.
  • The organisation is clear about the levels of customer support that are provided during the lifetime of the product.

NICE TO HAVE

  • The organisation supplies a list of the first level of suppliers involved in their supply chain.
  • The organisation supplies spare parts on request during the lifecycle of the product.
  • The organisation supplies a list of the geographic regions involved in the supply chain.
  • The organisation gives clear documentation for any parts that a customer can repair using commonly accessible tools and skills.


Interoperability

NICE TO HAVE

  • The organisation grants third parties the same functional scope on the backend as its own clients.
  • The organisation allows third parties to communicate directly with its devices without going through the backend.
  • The organisation allows third parties to connect clients to its backend.

BEST CASE SCENARIO

  • The organisation allows third parties to connect devices to its backend.


Data Governance

NICE TO HAVE

  • The organisation doesn’t degrade or change the current core functionality of the device over the product lifetime.
  • The organisation makes it possible for customers to turn off the connection to the backend; this might mean that the functionality of the device is reduced.


Openness

BEST CASE SCENARIO

  • The organisation publishes the device source code under an open source license.
  • The organisation publishes the device hardware designs under an open hardware license.
  • The organisation publishes the backend source code under an open source license.


This is a work in progress and you may comment freely, join the conversation on Slack, sign up to our newsletter or give us feedback in writing (alex at iot dot london) or on our monthly open calls.


Contributors to this latest version:

Alexandra Deschamps-Sonsino (@iotwatch), Thomas Amberg (@tamberg), Chackshu Saharan (@Ignius_IoT), Laura James (@LaurieJ), Albrecht Kurze (@AlbrechtKurze), Victor Petersson (@vpetersson), Alasdair Allan (@aallan), Duncan Wilson (@djdunc), Dominique Guinard (@domguinard), Geusseppe Gonzalez (@GeuseppeGC), Dries De Roeck (@driesderoeck), Konrad Komorowski, Alison Powell (@a_b_powell), Mark Setrem (@ukmoose), Louise Hugen (@louisehugen), Funda Ustek-Splida (@fundaustek)

Past contributors:

Privacy: Mark Simpkins (@marksimpkins),

Interoperability: Andy Stanford-Clark (@andysc), Boris Adryan (@borisadryan), Peter Robinson (@nullr0ute), Bob van Luijt (@bobvanluijt), Thomas Amberg (@tamberg)

Openness: Thomas Amberg (@tamberg)

Data Governance: Dr. Alison Powell, Mark Simpkins (@marksimpkins), Selena Nemorin (@digiteracy)

Permissions & Ownership: Martin Dittus (@dekstop), Mark Simpkins (@marksimpkins), Selena Nemorin (@digiteracy)

Transparency: Pilgrim Beart (@pilgrimbeart)

Security: Mark Carney (@LargeCardinal), Graham Markall (@gmarkall), Jan-Peter Kleinhans (@JPKleinhans), Alasdair Allan (@aallan), Cédric Lévy-Bencheton (@clevybencheton)

Lifecycle: Alasdair Allan (@aallan), Chris Adams (@mrchrisadams), Adrian McEwen (@amcewen), Dries De Roeck (@driesderoeck), Matthew Macdonald-Wallace (@mbconsultinguk), Joanna Montgomery (@joannasaurusrex), Gavin Starks (@agentGav)

March 2018 version contributors: Alasdair Allan (@aallan), Anthony James Munns (@bitshiftmask), Albrecht Kurze (@AlbrechtKurze), Thomas Amberg (@tamberg), Chris Adams (@mrchrisadams), Alexandra Deschamps-Sonsino (@iotwatch)