CyberSecurity Certified (CSC)

On the one hand, the audit focuses on the CIoT product itself, which is analysed with regard to both IT security aspects and its functional security. However, the underlying business processes, data protection aspects and other services, such as the connection to a cloud, are also examined on the basis of internationally recognised standards. Depending on the test level, penetration tests are also carried out.

Testing and certification are based on internationally recognised norms and standards, such as ETSI EN 303 645, IEC 62443, ISO 27001 or the C5 catalogue.

As the CSC certification is based on ETSI EN 303 645, among others, manufacturers also cover the requirements of the European Cybersecurity Act (CSA) with this certification.

The project duration within the scope of a CSC certification can be between approx. 1 month and approx. 3 months.

Consumers in Germany tend to take a critical view of smart homes. This is also confirmed by a Forsa survey conducted on behalf of the TÜV association, according to which 2 out of 3 respondents (66 per cent) believe that there is a very high risk of smart devices becoming the target of a hacker attack. 68 per cent also fear that smart devices could misuse their personal data.

These security concerns mean that sales figures for smart home devices and CIoT products are currently still well below expectations and the market is only developing slowly.

By having your CIoT product tested and certified in accordance with the new"CyberSecurity Certified (CSC)" cybersecurity scheme, you remove existing uncertainties for customers and objectively prove the IT security of your product. This benefits not only you as a manufacturer, but also end users. This is because labelling a CIoT product with an independent test mark for smart home devices builds trust, provides guidance and has a positive effect on upcoming purchasing decisions.