Essential requirements for securing consumer IoT devices

Pieter Meulenhoff, Sjoerd Langkemper, Willem Westerhof

Research output: Book/ReportReportProfessional

193 Downloads (Pure)


Embedded connected computers are installed in homes in increasing numbers in the form of consumer IoT devices. These devices are often insufficiently protected against cyberattacks. In this research report, we propose several security requirements for consumer IoT devices. These requirements are suitable for enforcement through legislation and will significantly improve consumer IoT cybersecurity when implemented.
This research report, commissioned by the Dutch Radiocommunications Agency, describes a threat model and significant security problems, derived from literature research. These assisted in evaluating more than 400 security measures, after which the top measures were summarised into eight essential security requirements. These requirements are easy to implement, easy to test, unambiguous, and greatly improve the cybersecurity of the products. We recommend standardisation agencies to make these requirements mandatory for all consumer IoT devices.
Original languageEnglish
PublisherQbit Cyber Security
Commissioning bodyAgentschap Telecom
Number of pages44
Publication statusPublished - 6 Aug 2020


Dive into the research topics of 'Essential requirements for securing consumer IoT devices'. Together they form a unique fingerprint.

Cite this