As well as having a state of the art IoT laboratory which enables us to address the increasing risks posed by technology developments in the area of connected devices, we also offer assurance for IoT functionality through verification and the development of appropriate Kitemark schemes.
BSI has 3 levels of assurance focusing on:
Kitemark certification (in development) – The BSI Kitemark is currently being developed in collaboration with industry stakeholders helping consumers confidently and easily identify connected products which they can trust to be safe, secure and fit for purpose. This will ensure the device has been rigorously and independently tested to make sure it functions and communicates as it should and that it has the appropriate security controls in place.
Limited pilot spaces available - contact BSIpilots@bsigroup.com to get involved
Verification - where only the security of a smart device requires verifying The UK Government has highlighted the need for effective security to be designed into all consumer IoT-enabled devices. We work with our clients to verify their compliance with the Government guidelines so their customers can be confident the product is secure for its intended use
Testing – expert cyber security testing, supporting development/ evaluation of IoT products. We support providers of IoT devices who put the safety and security of their customers at the heart of their business by working with them at early stages of development. Highlighting the potential risks and vulnerabilities at an early stage to ensure that the 'secure by design' principles highlighted by UK government can be effectively implemented
Providing a risk-based, pragmatic solution is key and BSI's approach will continue to evolve as technologies, standards and threats grow.
BSI IoT Kitemark and the DCMS
What is the DCMS IoT Security Code of Practice?
The Department for Digital and Creative Industries, part of the Department for Digital, Culture, Media and Sport, is responsible for UK Government policy relating to digital/ telecomms industries. It has written a Code of Practice aimed primarily at manufacturers of consumer IoT products and associated services. It has been developed through extensive engagement with industry and subject matter experts and sets out thirteen practical steps to improve the security of consumer IoT.
How can BSI help?
The DCMS code of practice addresses cybersecurity of consumer IoT devices. The Kitemark has been developed in response to the growth of internet-connected products and is designed to help consumers confidently and easily identify the IoT devices they can trust to be safe, secure and functional. It has been designed with this level of rigour to enable trust in the operation, safety and security of the product. For some low-risk consumer products, compliance with the DCMS scheme may be sufficient and we also offer this service. However, where the operation of the device has safety and/or security implications, the Kitemark is unique in providing this level of comprehensive assurance.
As a global organization we have the scale and reach to support organizations large and small. Our technical capability and delivery in aviation space and defence ensure we’re recognized as a worldwide leader in this field.
> Learn more about BSI.