Editor's Pick

The Connectivity Standards Alliance Product Security Working Group Launches the IoT Device Security Specification 1.0

The Connectivity Standards Alliance (“Alliance”) Product Security Working Group is pleased to announce the release of their IoT (Internet of Things) Device Security Specification 1.0, with the accompanying certification program, and Product Security Verified Mark.

This groundbreaking initiative aims to establish a unified IoT cybersecurity standard and certification program, providing manufacturers a one-stop solution to certify their devices, enabling them to comply with multiple international regulations and standards more easily.

“The unveiling of the IoT Device Security Specification 1.0, alongside its certification program and the Product Security Verified Mark, signals an important milestone in bolstering IoT security and building confidence with consumers,” said Tobin Richardson, Alliance President & CEO of the Connectivity Standards Alliance.

“By bringing together diverse international regulations into a cohesive specification, the Product Security Certification Program streamlines the process, reduces redundancy, and provides manufacturers with a singular, respected avenue for certifying their devices globally.”

With the increasing adoption of consumer IoT devices, there is a heightened emphasis on security due to a rise in incidents involving breaches and malicious device hijackings. The Product Security Working Group aims to meet this challenge by consolidating requirements from the three most popular IoT Cybersecurity baselines from the United States, Singapore, and Europe into a single specification and certification program. This unifying effort helps manufacturers more easily and efficiently address these regulatory regimes’ requirements aiming to instill confidence in consumers and regulators.

“As consumers embrace the convenience and value of IoT devices, the Alliance is dedicated to helping to create more comprehensive protection for consumers. This initiative aims to establish a robust baseline for all consumer IoT devices,” said Steve Hanna of Infineon Technologies AG and Chair of the Product Security Working Group Steering Committee. “The Alliance’s Product Security Verified Mark and IoT Device Security Specification 1.0 will make it easier for manufacturers to address consumer IoT security requirements around the world.”

IoT Device Security Specification 1.0 Requirements

The Product Security’s IoT Device Security Specification includes dozens of specific device security provisions. IoT Device Manufacturers must demonstrate compliance with those provisions, supplying justifications and evidence to an Authorized Test Laboratory with expertise in security evaluation and experience certifying products relative to this specification.

Highlights of the specific requirements include:

Unique identity for each IoT Device
No hardcoded default passwords
Secure storage of sensitive data on the Device
Secure communications of security-relevant information
Secure software updates throughout the support period
Secure development process, including vulnerability management
Public documentation regarding security, including the support period

Nearly 200 member companies — including Amazon, Arm, Comcast, Google, Infineon Technologies AG, NXP Semiconductors, Schneider Electric, Signify (Philips Hue and WiZ), and Silicon Labs — have collaborated, pooling related technologies, expertise, and innovations enabling the IoT Device Security Specification 1.0, the accompanying certification program, and Product Security Verified Mark to meet the diverse needs of stakeholders, including consumers, device manufacturers, and regulators. Together, these companies spearheaded the process by driving requirements and specification development and ultimately helping validate the final specification.

The Product Security Certification Program and Verified Mark

Encompassing a broad spectrum of smart home devices such as light bulbs, switches, thermostats, doorbell cameras, and more, the Product Security Certification Program establishes minimum requirements for IoT devices. By consolidating several international regulations into a single set of requirements, the Certification Program streamlines the process, helping manufacturers meet certification criteria from multiple countries or regions with a single evaluation.

The Product Security Verified Mark is confirmation a product meets the specification’s security requirements, with the goal of inspiring consumer confidence. When displayed prominently on certified product packaging, store signage, and online platforms, this Verified Mark builds trust by serving as a marker for secure IoT devices. A printed URL, hyperlink, QR code, or a combination of these representations on the Product Security Verified Mark gives consumers access to more information about the device’s security features.

Looking Ahead

As technology advances and new threats emerge, the Product Security Working Group remains committed to continuously enhancing the IoT Security Device Specification and the accompanying certification program.

The post The Connectivity Standards Alliance Product Security Working Group Launches the IoT Device Security Specification 1.0 appeared first on IoT Business News.

You May Also Like

Editor's Pick

ERP or Enterprise Resource Planning solutions help businesses of all sizes manage their daily business operations. First used in the 1990s, ERP systems have...

Investing

Democratic Gov. Janet Mills on Wednesday vetoed a bill aimed at prohibiting foreign influence in Maine elections, but voters will get the final say...

Latest News

On Jan. 3, 2021, a group of Justice Department officials met in the Oval Office to resolve a critical dispute within President Donald Trump’s...

Latest News

Democrats were panicking. Donors were despondent. And some elected officials were privately wondering whether their leader should step aside. But in President Biden’s cosseted...

Disclaimer: realinvestmentstar.com, its managers, its employees, and assigns (collectively “The Company”) do not make any guarantee or warranty about what is advertised above. Information provided by this website is for research purposes only and should not be considered as personalized financial advice. The Company is not affiliated with, nor does it receive compensation from, any specific security. The Company is not registered or licensed by any governing body in any jurisdiction to give investing advice or provide investment recommendation. Any investments recommended here should be taken into consideration only after consulting with your investment advisor and after reviewing the prospectus or financial statements of the company.

Copyright © 2024 realinvestmentstar.com