ETSI, the European Telecommunications Standards Institute, has announced the test specification for the EN 303 645 consumer IoT security standard. This test specification, TS 103 701, outlines how an organized and complete conformity assessment is accomplished.
This will enable supplier groups such as manufacturers, sellers, or distributors to assess their devices’ conformity with EN 303 645 in self-assessments or through testing labs. The test specification can also be used for in-house testing by user organizations.
EN 303 645, which will be issued in June 2020, was created in collaboration with businesses, academics, testing institutes, and international government authorities. As more consumer gadgets connect to the internet, IoT cyber security is becoming a rising problem. The EN is intended to avoid large-scale, widespread attacks on smart devices that cyber-security professionals witness on a daily basis.
Connected toys and baby monitors are examples of IoT products in scope, as are connected safety-relevant products such as smoke detectors and door locks, smart cameras, TVs, and speakers, wearable health trackers, connected home automation and alarm systems, connected appliances such as washing machines and refrigerators, and smart home assistants.
Compliance with the standard limits attackers’ ability to control devices all over the world – known as botnets – in order to launch DDoS assaults, mine cryptocurrencies, and spy on individuals in their own homes.
This standard has become a global reference for safeguarding IoT devices and is already adopted by a number of cyber-security regulations. Fitness watches, home automation devices, smart hubs, robot vacuum cleaners, dishwashers, and other items are already ETSI-compliant.
A test standard was required to promote market adoption because many public and private sector groups are creating certification and labeling schemes for consumer IoT security. Such approaches can qualify products for security labels that can be seen. As a result, buyers can choose more secure items over less secure ones.
The test standard TS 103 701 should aid in the harmonization of evaluation methodologies and provide support to manufacturers, suppliers, and implementers for their internal security processes.
ETSI provides an open and inclusive environment for members to assist the creation, ratification, and testing of internationally applicable standards for ICT systems and services across all industries and societies. It is a non-profit organization with over 950 member organizations from 64 countries and five continents worldwide. Members include large and small business companies, research organizations, universities, government, and public groups. The European Union has officially recognized ETSI as a European standards organization (ESO).