IoT Security Verification Standard (ISVS)

June 29, 2026 · View on GitHub

Version 1.0 Release Date Creative Commons License Document Build Status GitHub Pages Slack

⚠️ Release Candidate — 1.0.0-RC2. This is a release candidate under community review and may change before the final release. It is not yet a finalized standard. Please review and share feedback via GitHub Discussions.

The OWASP Internet of Things Security Verification Standard (ISVS) is a community effort to establish an open standard of security requirements for Internet of Things (IoT) ecosystems. The requirements provided by the ISVS can be used at many stages during the Development Life Cycle including design, development, and testing of IoT ecosystems.

IoT ecosystems are often complex collections of many interconnected systems. Some of these interconnected systems are IoT systems, containing connected devices and their components, both software and hardware. Others examples of systems in IoT ecosystems are web or mobile applications and cloud components.

The ISVS focuses on providing security requirements for IoT systems and their components: IoT hardware, software, embedded applications and communication protocols. It also provides some general requirements for the IoT ecosystems in which IoT systems reside, while referring to existing industry-accepted standards as much as possible.

Release Candidate (1.0.0-RC2)

The OWASP ISVS is preparing its first official release. The current content is a release candidate (1.0.0-RC2) under community review and may change before the final release. It provides comprehensive security requirements for IoT ecosystems and their components — please help us finalize it by reviewing and sharing feedback via GitHub Discussions.

Documentation

Official Documentation - Read the standard online with full search capabilities

Download the Standard

Version 1.0 is available in multiple formats on the releases page:

  • 📄 PDF - For reading and printing
  • 📱 EPUB - For e-readers
  • 📝 DOCX - For editing and customization
  • 📊 CSV - For spreadsheet analysis
  • 🔧 JSON - For programmatic use
  • 🌐 XML - For integration with tools

Read Individual Sections of the ISVS Below

How to Contribute

The ISVS is an open source effort and we welcome contributions and feedback. If you want to contribute additional content, improve existing content, or provide your feedback, we suggest that you do so through:

Before you start contributing, please check our contribution guide which should get you started.

Project Leads