We focus on ten societal areas.
TNO cooperates with companies, the public sector and other organisations, to apply our knowledge and expertise with and for others.
We develop knowledge not for its own sake, but for practical application.
On TNO Insights you can read in-depth interviews and articles. Get inspired by TNO’s innovations!
TNO offers you the chance to do groundbreaking work and help customers and society with innovative, practical and smart solutions.
The Internet of Things (IoT) provides a core technology for the digital world. It unlocks tremendous value for people, organisations and governments. But more importantly, IoT is growing exponentially. Statistics show that the number connected things will surge from 8.4 billion in 2017 to 20.4 billion by 2020. However, such key technological developments are only effective if people have trust and confidence in them. Recent high-profile incidents, such as Mirai, show that the security in the IoT domain is a big concern.
There are broadly two types of threats:
Trust can be ensured by implementing robust cybersecurity measures. Traditional IT security, however, is challenging to apply to IoT devices. These devices are often computationally limited and run under minimal supervision for long periods of time in potentially adverse environments. Many devices also might have zero or limited user interfacing. This means that patching and updating may not be convenient, and malfunctioning or rogue devices may not be immediately detectable.
To address this challenge, Singapore and the Netherlands jointly appointed TNO to study the Internet of Things security landscape of today and the recent developments in this area, as well as the key initiatives in place globally. Leveraging on our subject-matter expertise in IoT and our close working relations with both governments as well as our understanding of the policy and cultural perspectives of both countries, we delivered a comprehensive study including specific, actionable recommendations.
TNO’s study of the IoT security landscape resulted in three concrete recommendations:
1. Evaluation and certification of IoT devices in order to provide assured security baselines for a wide variety of devices. A globally aligned approach with government involvement is necessary.
2. Monitoring and supply chain security along with global intelligence sharing for cybersecurity and trust at component level.
3. Hardware security and trusted device identities, focusing on the security of different root-of-trust implementations and their suitability for different device types, including research on the use of alternatives such as PUFs for low-cost IoT devices.
The Internet of Things Security Landscape study was jointly commissioned by the Cyber Security Agency of Singapore and the Ministry of Economic Affairs and Climate Policy of the Netherlands under the MoU between Singapore and the Netherlands on cybersecurity. The study report was launched at ministerial level in the first week of October 2019 simultaneously at the Singapore International Cyber Week and at the One Conference in the Hague.
“The results will also be shared in the second week of October during the Global Forum for Cyber Expertise (GFCE) Annual meeting in Addis Ababa, Ethiopia.”