Keywords
How to Cite
Abstract
As the adoption of technology grows, consumers have many avenues to buy IoT devices and install them for their needs yet they have very little information about the security of the devices. The companies that are manufacturing the devices have no incentive to invest in the security of the devices or to let consumers know the security status of their respective devices. The competitive cost and time pressure faced by manufacturers is causing consumers to suffer from the vulnerabilities in their devices. This project makes three contributions to the development of security verification for IoT devices. First, it develops a quantifiable security compliance measurement system to measure the security of consumer IoT (SCMSI) devices. The SCMSI framework uses the OTA recommended Trust Framework augmented with key design and development security concerns to develop the criteria to measure the devices. Second, a scoring model is developed for each of the security requirements in the SCMSI framework. Third, a consumer facing pilot website is built to show the proof of concept of evaluating IoT devices and providing security ratings to consumers. Limitations and future directions are discussed.
Open Access License Notice:
This article is © its author(s) and is licensed under the Creative Commons Attribution 4.0 International License (CC BY 4.0). Beginning with Volume 13 (2026), this license is included directly within all published PDFs. For earlier articles, a cover page has been added to indicate the correct licensing terms. Any legacy copyright or pricing statements appearing within the PDF reflect prior print production workflows and do not represent the Journal’s current open access policy. For full details, please see the Journal’s License Terms.