I've read the Introduction to IoT Security and would suggest two aspects that might be interesting to mention:

Issue commands with caution - When issuing commands we should take into account that this can impact the product/system. Following Clemens Vasters' example from DotNetRocks: you issue a command to your car to open its locks, but the car is not connected at that specific time; 5 hours later your car connects to the cloud gateway and picks up the command, while unlocking is no longer required, or is even dangerous, at that time. Although this is not something we should think about when talking about the system or communication, it has an impact on the solution as-is. (Although this is not the case for each project.)

Device Blacklisting - The ability to blacklist malicious devices from the device management should be considered as an added value.
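The two points above (stale commands picked up by a late-connecting device, and refusing service to a blacklisted device) can be made concrete in a small gateway model. The following is an added example, not code from the comment author or from the Introduction to IoT Security; every name, device id and timestamp in it is constructed for illustration. Each command carries an issue time and a time-to-live; when a device reconnects, the gateway delivers only commands whose TTL has not elapsed and logs the rest as discarded, and a device on the block list receives nothing.

```python
"""Command expiry and device blocking at an IoT cloud gateway (constructed example).

Every command records when it was issued and how long it stays safe to
execute.  A device that reconnects late receives only commands that are
still within their TTL; blocked devices receive nothing and cannot have
new commands queued.  Device ids, actions and timestamps are made up.
"""
from dataclasses import dataclass, field
from typing import Dict, List, Set, Tuple


@dataclass(frozen=True)
class Command:
    device_id: str
    action: str
    issued_at: float      # seconds since epoch when the operator issued it
    ttl_seconds: float    # how long the command remains safe to execute

    def expires_at(self) -> float:
        return self.issued_at + self.ttl_seconds

    def is_expired(self, now: float) -> bool:
        return now > self.expires_at()


@dataclass
class Gateway:
    pending: Dict[str, List[Command]] = field(default_factory=dict)
    blocked: Set[str] = field(default_factory=set)
    audit_log: List[str] = field(default_factory=list)

    def block_device(self, device_id: str) -> None:
        """Deny a device further command delivery (e.g. after it is found malicious)."""
        self.blocked.add(device_id)
        self.pending.pop(device_id, None)   # drop anything already queued for it
        self.audit_log.append(f"blocked {device_id}")

    def enqueue(self, cmd: Command) -> bool:
        """Queue a command for later delivery; refuse to queue for blocked devices."""
        if cmd.device_id in self.blocked:
            self.audit_log.append(f"refused {cmd.action} for blocked {cmd.device_id}")
            return False
        self.pending.setdefault(cmd.device_id, []).append(cmd)
        return True

    def deliver(self, device_id: str, now: float) -> Tuple[List[Command], List[Command]]:
        """Called when a device connects. Returns (delivered, discarded-as-expired)."""
        if device_id in self.blocked:
            self.audit_log.append(f"connection from blocked {device_id} at {now:.0f}")
            return [], []
        queued = self.pending.pop(device_id, [])
        live = [c for c in queued if not c.is_expired(now)]
        stale = [c for c in queued if c.is_expired(now)]
        for c in stale:
            self.audit_log.append(
                f"discarded {c.action} for {device_id}: expired {now - c.expires_at():.0f}s ago")
        return live, stale


HOUR = 3600.0


def car_unlock_scenario() -> dict:
    """The car example: unlock issued, car only connects 5 hours later."""
    gw = Gateway()
    t0 = 1_700_000_000.0   # constructed timestamp
    # An unlock is only meaningful for a few minutes, so give it a 5-minute TTL.
    gw.enqueue(Command("car-42", "unlock", issued_at=t0, ttl_seconds=300))
    # A firmware report request can safely wait a day.
    gw.enqueue(Command("car-42", "report_firmware", issued_at=t0, ttl_seconds=24 * HOUR))
    delivered, discarded = gw.deliver("car-42", now=t0 + 5 * HOUR)
    return {
        "delivered": [c.action for c in delivered],
        "discarded": [c.action for c in discarded],
    }


def blocked_device_scenario() -> dict:
    """A device is blocked after a command was queued; nothing reaches it afterwards."""
    gw = Gateway()
    t0 = 1_700_000_000.0
    gw.enqueue(Command("sensor-7", "set_threshold", issued_at=t0, ttl_seconds=HOUR))
    gw.block_device("sensor-7")
    queued_after_block = gw.enqueue(
        Command("sensor-7", "reboot", issued_at=t0 + 60, ttl_seconds=HOUR))
    delivered, discarded = gw.deliver("sensor-7", now=t0 + 120)
    return {"queued_after_block": queued_after_block,
            "delivered": len(delivered), "discarded": len(discarded)}


if __name__ == "__main__":
    print(car_unlock_scenario())
    print(blocked_device_scenario())
```

The TTL belongs to the command, not to the transport: the operator issuing "unlock" knows it is only safe for a few minutes, whereas a diagnostics request can wait a day, so the gateway should not apply one global queue timeout. Logging discarded and refused commands gives the operations team a record of which devices were connecting late or after being blocked.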