Navigation

Tracking The Internet of Things

Tracking the Internet of Things for the Australian IT community

Navigation

You are here: Home / IoT News Global / ETSI updates standard for consumer IoT devices

ETSI updates standard for consumer IoT devices

Stuart Corner

Iot tree

 

ETSI has updated its standard for consumer IoT devices, first released in February 2019 as a “technical specification”.

In a press release issued 30 June ETSI said it had unveiled ETSI EN 303 645, “a standard for cybersecurity in the Internet of Things that establishes a security baseline for internet-connected consumer products and provides a basis for future IoT certification schemes.”

ETSI said the standard was “Based on the ETSI specification TS 103 645. IoTAustralia reported on February 12 2019 that ETSI was planning to release an IoT standard and when ETSI announced that document, on 19 February 2019, it was described as “a standard for cybersecurity in the Internet of Things, to establish a security baseline for internet-connected consumer products and provide a basis for future IoT certification schemes.”

Technical specification, or standard?

The earlier document is now referred to as a “technical specification” rather than a standard. In its latest announcement, ETSI says: “EN 303 645 is based on the ETSI specification TS 103 645” and “a result of collaboration and expertise from industry, academics and government. … [It] went through National Standards Organisation comments and voting, engaging even more stakeholders in its development and ultimately strengthening the resulting standard.”

The new document “specifies 13 provisions for the security of Internet-connected consumer devices and their associated services.”

ETSI says its standard for consumer IoT devices covers connected children’s toys and baby monitors, connected safety-relevant products such as smoke detectors and door locks, smart cameras, TVs and speakers, wearable health trackers, connected home automation and alarm systems, connected appliances (eg washing machines, fridges) and smart home assistants. It also include five specific data protection provisions for consumer IoT.

ETSI describes it as “a cohesive standard that presents an achievable, single target for manufacturers and IoT stakeholders to attain.” It says many organisations have already based their products and certification schemes around it and the predecessor, TS 103 645.

“It demonstrates how one standard can underpin many assurance schemes and provide flexibility in certification – whilst maintaining world-leading security.

ETSI is now working on a test specification and an implementation guide to complement EN 303 645.

 

About Stuart Corner

I’ve been a journalist working in IT and telecommunications for 30 years. You can read more about me via the 'about' page of this web site.