Internet of Things (IoT) Cyber Security Certification and Labelling via the IoT Security Trust Mark™ (STM) framework sets out the principles and basis for Cyber Trust Mark™ third party conformity assessment, certification and voluntary 'live' Cybersecurity Labelling Scheme (CLS).
Providing smart device consumers with a recognisable level of assurance that the vendor/manufacturer cyber security claims about their product have been independently evaluated and conform with internationally established consumer product standards and baseline security requirements.
The scheme itself provides a unified, internationally applicable, scalable, independent and rigorous approach to assessing the integrity of the vendor’s cyber security claims for their OT/IoT connected Smart Device product and how they conform to the defined consumer IoT Security Baseline Requirements (BR) recommendations, guidelines and codes produced by Governments and Standards bodies enabling mutual recognition and harmonisation Internationally.
IoT Security Trust Mark™ certification and labelling addresses the risk of a lack of verified baseline cyber security in consumer smart devices by:
1) Enabling consumers to have confidence that the baseline requirements and cyber security features claimed by a vendor in a consumer grade connected product have been evaluated.
2) Providing participating product evaluators, independent Accredited Test Facilities (ATFs), with a governance framework for predictable, standardised and repeatable evaluation of products prior to submission to a scheme Decision Authority (DA).
3) Supplying product manufacturers with IoT Security Trust Mark™ certification and voluntary 'live' Cyber Trust Mark™ label (QR) to demonstrate their smart device product has passed independent evaluation of their cyber security claims and meets the Baseline Requirements (BR)
Cyber Trust Mark™ Certification by the IoT Security Trust Mark™ Certification and Cybersecurity Labelling Scheme (CLS) covers smart devices associated with product consumers in the following sectors:
Personal/Residential/Home
Corporate/Business/Enterprise
Government
Industrial/Operational Systems
Critical Infrastructure, and,
Systems of National Significance (SoNS)