ETSI Cyber Security for Consumer Internet of Things

ETSI Cyber Security for Consumer Internet of Things	Description	OWASP IoT Top 10 Mapping
4.1	No universal default passwords	I1 Weak, Guessable, or Hardcoded Passwords
4.2	Implement a means to manage reports of vulnerabilities	N/A
4.3	Keep software updated	I4 Lack of Secure Update Mechanism I5 Use of Insecure or Outdated Components
4.4	Securely store credentials and security-sensitive data	I1 Weak, Guessable, or Hardcoded Passwords I7 Insecure Data Transfer and Storage
4.5	Communicate securely	I7 Insecure Data Transfer and Storage
4.6	Minimize exposed attack surfaces	I1 Weak, Guessable, or Hardcoded Passwords I2 Insecure Network Services I3 Insecure Ecosystem Interfaces I5 Use of Insecure or Outdated Components I9 Insecure Default Settings I10 Lack of Physical Hardening
4.7	Ensure software integrity	I4 Lack of Secure Update Mechanism
4.8	Ensure that personal data is protected	I6 Insufficient Privacy Protection
4.9	Make systems resilient to outages	N/A
4.10	Examine system telemetry data	I8 Lack of Device Management
4.11	Make it easy for consumers to delete personal data	I6 Insufficient Privacy Protection
4.12	Make installation and maintenance of devices easy	I9 Insecure Default Settings
4.13	Validate input data	I3 Insecure Ecosystem Interfaces