Solutions to secure consumer Internet-of-Things ecosystem

DEKRA launches cybersecurity services for consumer IoT devices

Sep 20, 2021

DEKRA extends its cybersecurity service portfolio by offering new testing & certification services according to ETSI EN 303 645. This cybersecurity standard has been created by the European Standards Organization ‘ETSI’. It is the first globally applicable cybersecurity standard for consumer IoT devices that establishes a common baseline that covers security and priva-cy best practices. DEKRA, which has solid experience in cybersecurity and uses innovative processes, supports manufacturers to demonstrate their products are secure.

  • DEKRA offers evaluation and certification services according to the new consumer IoT cybersecurity standard, ETSI EN 303 645.
“The number of IoT devices is rapidly increasing, and with them, new security challenges and threats. For this reason, we offer our customers new services according to the cybersecurity standard ETSI EN 303 645. Safety and security are a priority for DEKRA, and we are committed to supporting manufacturers to ensure their consumer IoT products are secure and ready to deal with cyberse-curity market needs", says Fernando E. Hardasmal, Head of Service Division Product Testing and Executive Vice President at DEKRA.
DEKRA's new cybersecurity services for ETSI EN 303 645 include testing to evaluate consumer IoT devices, as well as certification to prove they comply with the requirements defined in the standard by issuing a DEKRA Seal. With this seal, customers will demonstrate their products are reliable and secure, as it's a transparent proof from an independent and neutral body.
Apart from evaluation services, DEKRA also offers manufacturers and system integrators, product assessment and training services on how to prepare their devices´ documentation for the security evaluations. Also, a GAP analysis to de-termine the differences between the current security implementation of the prod-uct and the requirements defined in the cybersecurity standard is available at DEKRA.
The cybersecurity standard ETSI EN 303 645 contains a set of security and pri-vacy requirements and recommendations that manufacturers shall implement in their products to prepare them to be protected against the most common cyber-security threats. This cybersecurity standard is especially designed for consumer IoT devices such as smart TVs, smart speakers, home assistants, door locks, smoke detectors, baby monitors, connected home appliances like refrigerators and washing machines, or connected alarms systems, among others.
“Connected devices might be vulnerable and be exposed to suffer cyber-attacks if they do not have security measures in place to help dealing with these threats. ETSI EN 303 645 proposes a set of security best practices that, if implemented in all consumer IoT devices, would lead to a more secure IoT ecosystem”, stated Rubén Lirio, Cybersecurity Manager of the Service Division Product Testing at DEKRA.
In addition to these new cybersecurity services, DEKRA also offers testing & certification services for cybersecurity certifications such as Alexa Voice Service (AVS), ioXt Alliance, CTIA, GSMA, NESAS, FIPS, Common Criteria (CC), eI-DAS, UNECE WP29 and LINCE, among others. Moreover, DEKRA supports customers offering an extensive portfolio that includes all key testing and certifi-cation services manufacturers need to launch their IoT devices at any market, such as regulatory, type approval, wireless and global market access.