Internet of things networks are often constructed using devices that are commissioned into the network having unique identifiers and unique credentials that are used to authenticate the device and protect command and control or data collection messages. Security and safety policy may dictate rules that restrict which controllers may access which sensors and which actuators. Policies may be expressed in ways that account for redundancy where standby and replacement devices and their credentials are comprehended by the other devices with which they must interact. This complexity may result in an order of magnitude increase in security policy expression and lifecycle cost.