The tech firms have concluded that any IoT system can be compromised unless a system-level root of trust is established through a combination of code signing, encryption and authentication.
The resulting Open Trust Protocol (OTrP) combines a secure architecture with trusted code management, using technologies proven in large-scale banking and sensitive data applications on mass-market devices such as smartphones and tablets.
The protocol set out standard practices for installing, updating and deleting applications, and to manage security configuration in a trusted execution environment (TEE).
Source: Computer Weekly Tech firms tackle IoT security with management protocol