Internet of Things (IoT): What do you need to bear in mind when it comes to certification?
Consumers today have an increasing number of devices that are connected to the Internet. From smart refrigerators, TVs, thermostats and doorbells to smart watches, health trackers and toys. But all these new opportunities in the field of Internet of Things (IoT) also come with risks. Smart devices collect a lot of data from their users. And if these devices are not properly secured, hacks, data leaks and other cyber threats are lurking in the background.
Laws and regulations governing IoT and cyber security
Under the framework of the EU Cyber Security Strategy, Europe is working hard on legislation, directives and standards in the field of IoT and cyber security. One of these is the Radio Equipment Directive (RED) 2014/53/EU, which was amended in October 2021 through the New Delegated Regulation for Cyber Security under the Radio Equipment Directive 2014/53/EU (RED). Are you a manufacturer of IoT equipment? Then it is important that you keep up to date with these laws and regulations.
In this context, the ETSI EN 303 645 standard is also relevant. This European standard, which was developed by the European Telecommunications Standards Institute (ETSI), provides guidelines and recommendations for the security of consumer products that make use of IoT.
ETSI EN 303 645
IoT devices that fall within the scope of ETSI EN 303 645 include internet-connected home appliances (such as washing machines and refrigerators), children’s toys and baby monitors, internet-connected domotics and alarm systems, smart cameras, TVs and speakers, portable health trackers and internet-connected security products (such as door locks and smoke detectors).
ETSI EN 303 645 provides a set of 13 recommendations for these devices, which include:
- keeping the software up to date
- integrity of the software
- data protection
- vulnerability disclosure policy
- communication security
- the installation and maintenance of equipment
TS 103 701
As a supplement to ETSI EN 303 645, ETSI has also devised the TS 103 701 standard. This assessment specification, which was published in August 2021, provides standards for the assessment of IoT consumer products under the provisions of ETSI EN 303 645.
TS 103 701 comprises mandatory and recommended assessments that are intended for use by test laboratories, certification bodies and manufacturers seeking to perform their own assessments.
Certification of IoT devices
Beginning 2024, in order to be admitted to the European market, IoT products must comply with Article 3.3 d, e, f, and i of the Radio Equipment Directive (RED) 2014/53/EU. If your product complies with the requirements of ETSI EN 303 645, it automatically complies with the stated requirements of the RED. Consequently, it will be stated on your RED certificate that your product is compliant with the ETSI EN 303 645 standard.
What can the Certification Company do for you?
The Certification Company can help you with the certification of your IoT devices. We can take care of the entire compliance process for you and test whether your product complies with the recommendations of the ETSI EN 303 645.
Expertise in the field of IoT and cyber security The experts at Certification Company have extensive experience with the CE marking of radio equipment.. They are also members of the NEN IoT Product Security working group. This working group is part of the Cyber Security & Privacy standards committee. This standards committee is tasked with establishing standards in the field of the Internet of Things (IoT). The standards committee also determines the Dutch standpoint on global and European standards which are under development.
Do you have any questions?
Are you a manufacturer of IoT devices and do you plan to put your devices on the EU market? Then it is important that you can demonstrate that these devices already comply with the requirements of ETSI EN 303 645 and the RED. Do you need any advice and/or assistance with this? Then feel free to get in touch with us! Our experts are ready to help you.