The goal of the Internet of Things Security Guidelines document set is to provide the implementer of an IoT technology or service with a set of design guidelines for building a secure product. To accomplish this task, this document will serve as an overarching model for interpreting what aspects of a technology or service are relevant to implementer. Once these aspects, or components, are identified, the implementer can evaluate the risks associated with each component, and determine how to manage them.
Each component can be broken down into sub-components, where more granular risks will be described. Each risk shall be assigned a priority, to assist the implementer in determining the cost of the attack, as well as the cost of remediation, and the cost, if any, of not addressing the risk.