SCI-IoT: A Quantitative Framework for Trust Scoring and Certification of IoT Devices
Authors
Shreyansh Swami, Ishwardeep Singh, Chinmay Prawah Pant
Categories
Abstract
The exponential growth of the Internet of Things (IoT) ecosystem has amplified concerns regarding device reliability, interoperability, and security assurance. Despite the proliferation of IoT security guidelines, a unified and quantitative approach to measuring trust remains absent. This paper introduces SCI-IoT (Secure Certification Index for IoT), a standardized and quantitative framework for trust scoring, evaluation, and certification of IoT devices. The framework employs a six-tier grading model (Grades A-F), enabling device profiling across consumer, industrial, and critical infrastructure domains. Within this model, 30 distinct Trust Tests assess devices across dimensions such as authentication, encryption, data integrity, resilience, and firmware security. Each test is assigned a criticality-based weight (1.0-2.0) and a performance rating (1-4), converted to a normalized percentage and aggregated through a weighted computation to yield the Secure Certification Index (SCI). The SCI determines the device's Trust Verdict, categorized into five SCI levels, and serves as the foundation for optional grade-based certification. The framework also incorporates critical gate conditions, enforcing absolute compliance in high risk parameters to prevent certification of devices with fundamental vulnerabilities. By unifying quantitative trust scoring with structured certification criteria, SCI-IoT provides a transparent, scalable, and reproducible method to benchmark IoT device trustworthiness. The proposed system aims to streamline manufacturer compliance, improve consumer confidence, and facilitate global interoperability in IoT security certification.
SCI-IoT: A Quantitative Framework for Trust Scoring and Certification of IoT Devices
Categories
Abstract
The exponential growth of the Internet of Things (IoT) ecosystem has amplified concerns regarding device reliability, interoperability, and security assurance. Despite the proliferation of IoT security guidelines, a unified and quantitative approach to measuring trust remains absent. This paper introduces SCI-IoT (Secure Certification Index for IoT), a standardized and quantitative framework for trust scoring, evaluation, and certification of IoT devices. The framework employs a six-tier grading model (Grades A-F), enabling device profiling across consumer, industrial, and critical infrastructure domains. Within this model, 30 distinct Trust Tests assess devices across dimensions such as authentication, encryption, data integrity, resilience, and firmware security. Each test is assigned a criticality-based weight (1.0-2.0) and a performance rating (1-4), converted to a normalized percentage and aggregated through a weighted computation to yield the Secure Certification Index (SCI). The SCI determines the device's Trust Verdict, categorized into five SCI levels, and serves as the foundation for optional grade-based certification. The framework also incorporates critical gate conditions, enforcing absolute compliance in high risk parameters to prevent certification of devices with fundamental vulnerabilities. By unifying quantitative trust scoring with structured certification criteria, SCI-IoT provides a transparent, scalable, and reproducible method to benchmark IoT device trustworthiness. The proposed system aims to streamline manufacturer compliance, improve consumer confidence, and facilitate global interoperability in IoT security certification.
Authors
Shreyansh Swami, Ishwardeep Singh, Chinmay Prawah Pant
Click to preview the PDF directly in your browser