MENU

CyberSecurity Certified (CSC): Certification of security for smart home devices & consumer IoTs (CIoT)

CyberSecurity Certified (CSC): Your smart home device or CIoT product certified, independently of manufacturer

Security concerns about smart home devices are still high. According to a Forsa survey, only one person in three trusts the built-in security functions. With the CyberSecurity Certified (CSC) mark of conformity, manufacturers of smart home devices and consumer IoT products can counter this problem and objectively prove the implementation of security measures.

Are you a manufacturer of a CIoT product and want the security of your (smart home) device confirmed by an independent third party? Then we will be happy to accompany you on your way to a successful CSC certificate: starting with a GAP analysis, through support services and audits, to the final CSC certification.

  

Certification mark "CyberSecurity Certified" (CSC) Certification mark "CyberSecurity Certified" (CSC) Certification mark "CyberSecurity Certified" (CSC) Certification mark "CyberSecurity Certified" (CSC)


  

CyberSecurity Certified (CSC): Security Certification of Smart Home Devices & Consumer IoTs (CIoT) CyberSecurity Certified (CSC): Security Certification of Smart Home Devices & Consumer IoTs (CIoT) CyberSecurity Certified (CSC): Security Certification of Smart Home Devices & Consumer IoTs (CIoT) CyberSecurity Certified (CSC): Security Certification of Smart Home Devices & Consumer IoTs (CIoT)

Free whitepaper "Cybersecurity Conformity Assessment for Consumer IoTs"

Our whitepaper will familiarize you with the CSC audit standard, inform you about its basic principles, and explain why it makes sense from a security perspective to establish the new cybersecurity scheme.
  

Our CSC services for manufacturers of CIoT products

CyberSecurity Certified (CSC) Services: GAP analyses CyberSecurity Certified (CSC) Services: GAP analyses CyberSecurity Certified (CSC) Services: GAP analyses CyberSecurity Certified (CSC) Services: GAP analyses

Gap analysis

Determines the maturity level for the planned certification and creates a catalog of measures.

CyberSecurity Certified (CSC) Services: Project support CyberSecurity Certified (CSC) Services: Project support CyberSecurity Certified (CSC) Services: Project support CyberSecurity Certified (CSC) Services: Project support

Project support

Support in achieving a planned goal, e.g. a security level.

CyberSecurity Certified (CSC) Services: Audit, Document & Product Assessment CyberSecurity Certified (CSC) Services: Audit, Document & Product Assessment CyberSecurity Certified (CSC) Services: Audit, Document & Product Assessment CyberSecurity Certified (CSC) Services: Audit, Document & Product Assessment

Audit

Document & product assessment; additional penetration testing depending on CSC level.

CyberSecurity Certified (CSC) Services: Certification audit, CSC certification CyberSecurity Certified (CSC) Services: Certification audit, CSC certification CyberSecurity Certified (CSC) Services: Certification audit, CSC certification CyberSecurity Certified (CSC) Services: Certification audit, CSC certification

Certification audit

Final certification by our certification partner TÜV NORD CERT.

Better security in consumer IoT: The test levels for CSC certification

Our evaluation concept enables certification in the Basic, Substantial and High levels, depending on the scope and depth of testing. Both the IoT product and the development and production process are tested. The entire process is based on internationally recognized norms and standards.

CyberSecurity Certified (CSC): Security Level Basic CyberSecurity Certified (CSC): Security Level Basic CyberSecurity Certified (CSC): Security Level Basic CyberSecurity Certified (CSC): Security Level Basic
CyberSecurity Certified (CSC): Security Level Substantial CyberSecurity Certified (CSC): Security Level Substantial CyberSecurity Certified (CSC): Security Level Substantial CyberSecurity Certified (CSC): Security Level Substantial
CyberSecurity Certified (CSC): Security Level High CyberSecurity Certified (CSC): Security Level High CyberSecurity Certified (CSC): Security Level High CyberSecurity Certified (CSC): Security Level High

These smart home devices & CIoT products we test

CSC-Zertifizierung: Prüfung von Home Routern

Home router

CSC-Zertifizierung: Prüfung von Fitness Trackern

Fitness tracker

CSC-Zertifizierung: Prüfung von Smart TVs

Smart TVs

CSC-Zertifizierung: Prüfung von Smart Watches

Smart watches

CSC-Zertifizierung: Prüfung von smarten Gartengeräten

Gardening tools

CSC-Zertifizierung: Prüfung von smarten Alarmanlagen

Alarm devices

CSC-Zertifizierung: Prüfung von smarten Haussteuerungen

House controls

and many more!

Further test objects can be individually coordinated with us.

  

The benefits of CSC certification

  • Proof of trust & compliance: With a CSC certificate, you objectively prove the security of your CIoT product and enjoy greater confidence in the market.
  • Competitive advantages: The proven security of your product sets you apart from other manufacturers.
  • Identification of vulnerabilities: CSC certification reveals existing security deficiencies, the remediation of which reduces potential IT risks and hazards many times over (risk analysis).
  • Higher security level: Continuously improving the safety of your product throughout its life cycle.
  • Two-in-one testing: In addition to the IT security of your product, the assessment also focuses on functional device safety.
  • Active pioneering role: You actively contribute to strengthening trust in smart home and CIoT products and provide better orientation for consumers.

Why CSC certification?

When it comes to the subject of smart homes, many consumers are fairly critical. This is also confirmed by a Forsa survey conducted on behalf of the TÜV association. According to the survey, 2 out of 3 respondents (66 percent) believe that there is a very high risk of smart devices becoming the target of a hacker attack. 68 percent also fear that smart devices could misuse their personal data.
  

These security concerns mean that sales figures for smart home devices and CIoT products are currently still well below expectations and the market is only developing slowly.

By having your CIoT product inspected and certified under the new cybersecurity scheme "CyberSecurity Certified (CSC)", you remove existing uncertainties for customers and objectively demonstrate the IT security of your product. This benefits not only you as manufacturer, but also end consumers. This is because labeling a CIoT product with an independent mark of conformity for smart home devices creates trust, provides orientation, and has a positive effect on upcoming purchasing decisions.

  

VdTÜV survey on security in the Consumer IoT (CIoT) VdTÜV survey on security in the Consumer IoT (CIoT) VdTÜV survey on security in the Consumer IoT (CIoT) VdTÜV survey on security in the Consumer IoT (CIoT)

Source: TÜV Association, February 2021

Frequently asked questions:

  

What exactly is tested as part of CSC certification?

The subject of the test is, on the one hand, the CIoT product itself, which is tested with regard to both IT security aspects and its functional safety. In addition, however, the underlying business processesdata protection aspects and other services, such as connection to a cloud, are considered based on internationally recognized standards. Depending on the test level, additional penetration tests are also carried out. 

What standards are the inspection and certification based on?

The inspection and certification are based on internationally recognized norms and standards, such as ETSI EN 303 645, IEC 62443, ISO 27001, and the C5 catalog. 

To what extent does CSC certification fulfill the requirements of the European Cyber Security Act?

Since CSC certification is based among other things on ETSI EN 303 645, manufacturers use it to simultaneously cover the requirements of the European Cybersecurity Act (CSA). 

How long does the certification procedure usually take?

The project duration within the scope of a CSC certification can be approx. 1 month to approx. 3 months

Why we are a strong partner for you

Expertise

With us you have one of the leading experts in the field of cyber security at your side, certified by the BSI as an IT security service provider for IS revision, IS consulting and penetration tests.

Industry experience

Due to many years of experience in different branches of industry we can serve companies from a wide range of industries.

Everything from one source

Whether you need GAP analysis, support services, CSC auditing or CSC certification, we are your one-stop provider for all the services you need.

Tailor-made for you

We focus on individual services - and solutions - that optimally fit your current company situation and your set goals.

International network of experts

Around the globe: We consult and support you both nationally and internationally. Our global network of experts is ready to help you in word and deed in all IT security issues.

Independence

Our employees are not subject to any conflicts of interest, as they are not committed to any product suppliers, system integrators, stakeholders, interest groups or government agencies.
You have questions? We are pleased to help!

Gerald Krebs

Global Account Manager

+49 201 8999-411
Fax : +49 201 8999-666

g.krebs@tuvit.de

Alexander Padberg

Sales Manager

+49 201 8999-614
Fax : +49 201 8999-666

a.padberg@tuvit.de

Other services that may interest you

Penetration Tests

As an IT security service provider for penetrationtesting we help to identify organizational and technical security vulnerabilities.
Read more

Hardware

TÜViT evaluates IT products and their components in accordance with recognized international security standards and performs the necessary penetration tests in its own hardware test laboratory.
Read more

Software

TÜViT evaluates IT security aspects of software products according to the Common Criteria during the development process and throughout the entire lifecycle.
Read more

Audits according to the BSI C5 Catalog

Are you a cloud service provider looking for an objective assessment of your current cloud infrastructure? We offer audits according to the BSI C5 Catalog.
Read more

Mobile Security

Protection of mobile devices and content with TÜViT's modular approach: from analyzing your mobile strategy to auditing your apps.
Read more

Router Security: BSI TR-03148

With BSI TR-03148 for "Secure Broadband Routers", you – as a manufacturer – can prove that your broadband routers meet the security requirements defined by the BSI.
Read more
Industrial Security

Industrial Security

TÜViT offers security checks and penetration tests in order to reduce security vulnerabilities in your production infrastructure.
Read more

Accelerated Security Certification (BSZ)

The BSZ is an independent certificate that confirms the security statement of your IT product – quickly, predictably and with a minimum amount of documentation.
Read more