The problem with “how to secure” instructions for advanced users is that less advanced users won’t read them. Still waiting for the day somebody ships an iot that requires a “how to make insecure” guide.
Maybe Rockwell-Collins AAMP7G:
Not sure if they’ll sell it to IoT vendors. It can be cloned based on publicly-available information, though. Green Hills also has a secure OS (INTEGRITY-178B) targeting this market with a bunch of middleware for crypto, networking, and so on. You can get the “how to secure” with maybe decent security but it comes at a steep price so far. Everything I’ve seen was around $40,000-50,000 or more for OEM deal. Kind of a steal versus the cost of building that much stuff robustly but too much for the IoT vendors aiming to maximize profit by reducing development and per-unit costs. Better to use free stuff with little to no security. ;)
Ubuntu Core seems to require that you register the an account online with an SSH key if you want to use SSH.