Lifecycle IoT Security for Engineers -- Contents -- Foreword -- Preface -- Acknowledgments -- 1 Introduction to IoT and Its Applications -- 1.1 Defining the IoT -- 1.2 Classifying Industrial, Enterprise, and Consumer IoT Applications -- 1.3 Why IoT Needs Securing -- 1.4 Summary -- References -- 2 Lifecycle of IoT Security -- 2.1 IoT Security Implementation -- 2.2 Integrating the Security Measures into IoT Services -- 2.3 Operation of the IoT Services -- 2.4 Maintaining the IoT Infrastructure -- 2.5 Planned Degradation and Discontinuation of the IoT Services -- 2.6 Summary -- References -- 3 Vulnerabilities in IoT Security -- 3.1 Insufficient Physical Hardening -- 3.2 Insecure Cloud and Network Services -- 3.3 Device-Level Vulnerabilities and Mismanagements -- 3.4 Poor Password Practices and Identity Management -- 3.5 Inappropriate Cryptographic Measures -- 3.6 Weak Update Protocols -- 3.7 Summary -- References -- 4 IoT Security Attack Vectors and Actors -- 4.1 Understanding the Motivations to Attack IoT Systems -- 4.2 Actors Involved in IoT Security and Attacks -- 4.3 IoT Device-Level Attacks -- 4.4 IoT Network Attacks -- 4.5 Cloud Service Attacks -- 4.6 Summary -- References -- 5 Preventive and Defensive Measures to Counter IoT Security Threats -- 5.1 Secure by Design -- 5.2 IoT Device-Level Security -- 5.3 IoT Network Security -- 5.4 Cloud Service Security -- 5.5 Summary -- 6 Detection and Identification of IoT Security Attacks -- 6.1 Setting Up IoT Security Incident Protocols -- 6.2 Establishing Security Incident Response Teams -- 6.3 Monitoring and Penetrating IoT Services -- 6.4 Summary -- References -- 7 Practical Challenges in Implementing Appropriate Level of Security -- 7.1 Challenges of Inherent Heterogeneity -- 7.2 Interoperability Between Diverse Stakeholders -- 7.3 The Human Factor Forming a Weak Link in IoT Security.

7.4 Commercial and Performance-Oriented Factors -- 7.5 Summary -- References -- 8 Regulatory Guidance for the IoT Industry -- 8.1 Need for Regulatory Guidance on IoT Security and Its Global Directions -- 8.2 Internet Research Task Force Request for Comments 8576 -- 8.3 U.S. NIST Interagency/Internal Report 8259 and 8259A -- 8.4 ETSI TS 103 645 -- 8.5 Summary -- References -- 9 Social and Commercial Impacts of IoT Security Failures -- 9.1 Large-Scale Impact of IoT Services -- 9.2 Unavailability of Life-Saving Services -- 9.3 Loss of Privacy and Personal Data -- 9.4 Degraded Consumer Confidence -- 9.5 Threat to Critical Infrastructure and National Security -- 9.6 Commercial Impacts and Losses -- 9.7 Summary -- References -- 10 Recovering from IoT Security Incidents -- 10.1 Incident Containment -- 10.2 Security Threat Redressal -- 10.3 Patching Security Updates -- 10.4 Communicating with the Stakeholders -- 10.5 Summary -- References -- About the Author -- Index.