Different Paths to Security Certification for IoT – Connect Security World 2018
Connect Security World - Embedding Trust in IoT Systems and Connected Hardware | September 24-26, 2018 – Marseille, France

Different Paths to Security Certification for IoT

Dr. Eric Vétillard, Head of Future Certifications, NXP Semiconductors, France

• IoT certification to provide some assurance that a product’s security is sufficient starts from a blank page, with limited incentives, no dedicated schemes, and a large number of high-level recommendations that are in many cases quite useless in practice.
• Review of some incentives, including regulation with the EU Cybersecurity Act and its limitations, business requirements with the Charter of Trust
• Guidelines and assessment packages, like the one provided by the IoT Security Foundation, and to standards like IEC62443
• Approaches for building certification of complex products and services, such as ECSO’s proposed meta-scheme