Certifications of Cyber Security for Consumer Internet of Things

Purpose

IoT devices are consumer products that anyone can have in their home and that can connect to the internet. Examples include smart TVs, home assistants, smart speakers, connected household appliances such as refrigerators and washing machines, connected alarm systems, digital door locks, smoke detectors or baby monitors.

These products have become part of our daily life and although they help us in many daily routines, they can compromise our privacy and security if not designed correctly. Security standards such as ETSI EN 303 645 and SSF 1120-1 contain requirements on cybersecurity aspects that the product needs to meet, ensuring a higher level of security.

With the increasing use of internet-connected products in the home, the likelihood of cyber-attacks is increasing. It is important that the product is developed and tested correctly to withstand such attacks. The ETSI EN 303645 standard defines the basic requirements for IoT products throughout the product life cycle such as the design, development, manufacturing, use and maintenance phases.

Testing IoT devices against the ETSI EN 303645 standard assesses whether the product meets the general cybersecurity requirements of the standard and testing against the SSF 1120-1 standard tests whether the product can withstand an attack through penetration testing.

Method

The evaluation is based on methods accredited by Swedac for the standards:

• ETSI EN 303 645
• SSF 1120-1

The test against the standard is advantageously complemented by a penetration test that RISE can offer as a separate service. Here you find our penetration test offer. 

Deliveries

The results of the RISE evaluation are compiled in an accredited RISE report.

Avaliable courses

RISE offers the following courses in this area:
-Cybersecurity on IoT products