Connected_products_security_cover

CONNECTED PRODUCTS (IOT) 
CYBERSECURITY

Ever since the Internet of Things (IoT) was first introduced, it has seen continuous expansion, with more and more connected products. This opens doors to vulnerabilities that can generate dramatic impacts. Our services help manufacturers mitigate the risk of their connected products and assure compliance with new regulations. At the same time, we can support them in developing and communicating their cybersecurity effectiveness.

CONTEXT

Connectivity is now a must-have functionality for new products. And it’s not just about smart gadgets. Connectivity is imperative for any new product, including vehicles, medical devices, and industrial and telecommunications equipment. The cybersecurity of these products has thus become a critical topic that cannot be ignored. After all, any of these newly connected products could end up as a doorway to all kinds of vulnerabilities.

The first few years of the IoT saw the lack of a clear set of relevant standards and frameworks to support manufacturers in developing appropriate assurance levels of security in their products. Today, though, there are multiple internationally recognised standards, frameworks, and certification programs that can help them, including IEC 62443, ETSI EN 303 645, and ISO 21434.

From a regulatory point of view, cybersecurity is also seen as a major topic. The first examples are already in place, or are in the final drafting stage:

  1. UNECE international regulations mandate connected vehicles’ cybersecurity and software update processes and functionalities.
  2. Medical devices need to measure up to extensive requirements for placement in various markets, including the US (FDA regulations) and EU (MDR regulations).
  3. The Radio Equipment Directive (RED) will set in place regulatory requirements that target consumer products.

OUR SERVICES PER TYPE OF PRODUCTS

CONSUMER PRODUCTS
SUPPORT AND PREPARATIONCOMPLIANCECERTIFICATION/REGULATORY
Design reviewsDesign reviewsBV IoT Class 1 (CTIA 1)
Validation and penetration testingP-SCAN (product vulnerability scanning)BV IoT Class 2 (OWASP)
  BV IoT Class 3 (ETSI EN 303 645)
  Common Criteria Certification
  Radio Equipment Directive (RED)
  EUROSMART IoT certification
  Japan’s Telecommunications Business Law - Security Standards of IoT Equipment
MEDICAL DEVICES
SUPPORT AND PREPARATIONCOMPLIANCECERTIFICATION/REGULATORY
Design reviewsIEC 62443 complianceUL 2900 certification
Validation and penetration testingUL 2900 complianceCommon Criteria certification
Code reviews EU MDR compliance gap analysis
Processes reviews FDA compliance gap analysis
NETWORK PRODUCTS
SUPPORT AND PREPARATIONCOMPLIANCECERTIFICATION/REGULATORY
Design reviewsIEC 62443 complianceCommon Criteria certification
Validation and penetration testing BSPA certification
CONNECTED VEHICLES
SUPPORT AND PREPARATIONCOMPLIANCECERTIFICATION/REGULATORY
Review of processes and consultancy in drafting/implementationISO/SAE 21434 compliance gap analysisUNECE Cybersecurity (R155) and Software Updates (R156) compliance gap analysis
Workshops on cybersecurity and regulatory requirements UNECE Cybersecurity (R155) and Software Updates (R156) type approval
Risk assessments on vehicles and components Common Criteria certification
Penetration testing of components and systems  
INDUSTRIAL PRODUCTS
SUPPORT AND PREPARATIONCOMPLIANCECERTIFICATION/REGULATORY
Design reviewsIEC 62443 compliance gap analysisIECEE certification (IEC 62443)
Validation and penetration testing Common Criteria certification
Review of development processes  
IEC 62443 workshops  

For more details on our Consumer products cybersecurity services, please visit BV CPS CYBERSECURITY
For more details on IoT services, please visit SECURA IOT MARKET PAGE