Andrew Losty (University College London), Anna Maria Mandalari (University College London)

As Matter adoption and device deployment grow, it is essential to assess alignment with international IoT security frameworks and standards. This interim study evaluates Matter specifications against 18 international frameworks to identify compliance and security gaps. An independent IoT security framework, the Cloud Security Alliance (CSA), was used to provide a taxonomy and grouping of security controls, from which six core security domains were initially selected: (i) device certification, (ii) attack-surface minimization, (iii) secure communications (iv) software update mechanisms, (v) logging/telemetry, and (vi) secure storage. The analysis highlights areas where Matter provides strong guidance and where it is less prescriptive compared to regulations and frameworks such as the Cyber Resilience Act (CRA), NIST, and ETSI. Future work will extend the assessment with ten additional domains, extending the analytical mapping of Matter’s compliance and non-compliance, and providing valuable insights for manufacturers, developers, and regulators.

View More Papers

Benchmarking and Understanding Safety Risks in AI Character Platforms

Yiluo Wei (The Hong Kong University of Science and Technology (Guangzhou)), Peixian Zhang (The Hong Kong University of Science and Technology (Guangzhou)), Gareth Tyson (The Hong Kong University of Science and Technology (Guangzhou))

Read More

Repairing Trust in Domain Name Disputes Practices: Insights from...

Vinny Adjibi (Georgia Institute of Technology), Athanasios Avgetidis (Georgia Institute of Technology), Manos Antonakakis (Georgia Institute of Technology), Alberto Dainotti (Georgia Institute of Technology), Michael Bailey (Georgia Institute of Technology), Fabian Monrose (Georgia Institute of Technology)

Read More

Practical Traceable Over-Threshold Multi-Party Private Set Intersection

Le Yang (School of Cyber Science and Technology, University of Science and Technology of China), Weijing You (Fujian Provincial Key Laboratory of Network Security and Cryptology, College of Computer and Cyber Security, Fujian Normal University), Huiyang He (School of Cyber Science and Technology, University of Science and Technology of China), Kailiang Ji (NIO Inc), Jingqiang…

Read More