IGF 2018 WS #41 Internet of Things security by design: Let's wrap it up now!


Organizer 1: Wout de Natris, De Natris Consult

Speaker 1: Susan Chalmers, Government, Western European and Others Group (WEOG)
Speaker 2: Valentina Scialpi, Intergovernmental Organization, Western European and Others Group (WEOG)
Speaker 3: Maarten Botterman, Technical Community, Western European and Others Group (WEOG)
Speaker 4: Maarten van Horenbeeck, Technical Community, Western European and Others Group (WEOG)
Speaker 5: Maria Ines Robles, Technical Community, Latin American and Caribbean Group (GRULAC)

Internet of Things security is one of the greatest challenges in cyber security as well as one of the most pressing. IoT's inherent insecurity by design indiscriminately impacts all stakeholders, from all regions. It is hard, to impossible, for users to judge security and most likely they are unable to change settings that could ensure security. As a result an insecure IoT-device is easily hacked, boosts botnets that spam, infect and DDoS, attacking companies and countries or is turned into a spying tool, etc.; all affecting third parties without the owner of the device even knowing. Adding to the challenge is the foreseen, enormous growth of insecure devices, sensors, etc. in the near future.

There is a general consensus solutions are needed. These are debated and published in national, regional and international fora, standardisation bodies, the IGF Dynamic Coalition, the IGF BPFs on Cyber Security and IoT, academia, etc.. All involved come together at the IGF. Let’s use this expert knowledge to advantage and assist in a process to devise a strategy on how to proceed.

A global standard cannot be reached in a short period, if ever. In the report 'Strengthening cooperation within the context of the IGF', presented to the MAG this winter, the technical, industry and governmental communities all indicated they need focus and prioritisation. IoT is an extremely broad topic. By presenting one main question: (How) can a monitoring and reporting function on vulnerabilities in IoT devices assist in making these devices and thus the Internet and its users, more secure?, this proposal provides the desired, limited scope and focus.

Why a monitoring and reporting system? Reporting of vulnerabilities can have several positive effects, e.g.: manufacturers are alerted to make their products more secure; endusers, consumer agencies, and governments can make decisions based on the reporting; anti-botnet centres can alert endusers and assist them in making their devices more secure: updates are provided, etc.. In short, it provides a direct insight in the level of security of IoT-products and the responsiveness of their manufacturers. This workshop has two purposes:
1) Produce a direct and tangible outcome: A feasibility assessment of a (global) monitoring and reporting function and;
2) Test whether the (current) IGF format lends itself for quick wins.

Through this session the IGF facilitates all stakeholders to compare notes and invites them to assist in determining a commonly supported strategy towards a monitoring and reporting system and set the agenda on how to get there. As a side effect this work presents all known current initiatives to the IGF community.


Break-out Group Discussions - 90 Min


After a short introduction, the attendants are divided into 3 or 4 groups, each moderated individually. In the groups the outcomes of the questionnaire are discussed and potential ways forward suggested. In the plenary meeting the results are fed into an online gaming tool, e.g. Kahoot and discussed. The final 20 minutes are used to reach a (rough) consensus and to agree on recommendations on how to proceed.

During the break-out session online participants discuss among each other online, assisted by the online moderator.


The session is organised through working with different stakeholder communities from all regions. They decide who represents them at the session. As this session does not provide "speakers" in the traditional sense (those mentioned above have stated their support for and willingness to participate in the session or volunteer as break-out facilitator), but invites organisations and communities to participate, the organisers have little influence on representation. However, the aim of this workshop is to deliver input towards a universally secure IoT for all Internet users from all regions, of all creeds, genders, etc..

The session discusses the outcomes of a questionnaire sent to relevant stakeholders using the broad existing channels of the IGF: MAG, NRIs, DC, BPFs; the existing national and international initiatives as developed within e.g. NIST, EU, the NL Ministry of Economic Affairs, etc.. The results of these bodies of work are input to this workshop – and vice versa. This workshop brings together the views accumulated over the past years and bundles them into a single, specific advice on how to proceed.

In the questionnaire questions will be asked pertaining:
a. What is the perceived value of a monitoring and reporting (m&r) function in dealing with IoT-insecurity?;
b. What would be elements of an effective monitoring and reporting m&r function?
c. What information should be shared with whom?
d. Are there good practices of such a m&r function regarding IoT or in other domains and what are their success factors?
e. How could an IoT m&r function be organized internationally?
f. (How) could the IGF contribute to an ongoing discussion on this topic?

The results of the questionnaire are presented to participants before the IGF and are the basis of this workshop, so all participants arrive well prepared for the task at hand. After a short workshop introduction (5 minutes), the participants are divided into groups in break-out sessions where the outcomes are discussed, opinions exchanged and turned into potential recommendations (ca. 30 minutes). In the plenary all return. The break-out session leaders report to the room. The results are fed into an online gaming tool, with the aim to discern (a rough) consensus (30 minutes). The outcomes are discussed in the plenary. The session ends with the presentation on outcomes concerning the value, use and potential implementation of monitoring and reporting systems and an advice whether to proceed the discussion, within and/or beyond the IGF (20 minutes).

The outcomes are fed back into all the aforementioned processes.

Onsite Moderator: 

Wout de Natris

Online Moderator: 

Vanessa Berning (NLIGF)


Marjolijn Bonthuis (NLIGF)

Discussion Facilitation: 

This session is about discussing the issue at hand. Through pro-active information, a) in the form of questionnaire and b) the outcomes of the questionnaire, the discussion is given the necessary focus and prioritisation to make optimal use of the time at hand. The questionnaire's outcome is the starting point for the break out sessions. The outcomes of these sessions are presented on, fed into the online system and discussed by all involved.The goal, an assessment of the feasibility for a (global) monitoring and reporting function, is formulated up front. The (online) moderator is active in the room and makes sure all involved who indicate to contribute are able to do so. (The English version of the 'Roadmap for Digital Hard- and Software Security' report and other relevant reports will be made available for all participants.)

Online Participation: 

Vanessa Berning has experience in online moderation and is a part of the organising team. The preparation of this session involves a questionnaire. Not all respondents will be able to be present at the IGF. These respondents will be actively invited to participate online, to discuss and share their views there, also as part of a specific break-out session. If possible by voice if necessary read out by Ms. Berning. The two moderators are in constant contact over online interventions.