Certifi cation

Testing and Certifi cation of IoT DevicesWhether refrigerator, smartwatch or industrial plant - in times of the Internet of Things (IoT) and Industry 4.0, more and more devices in the private and corporate environment are digitally networked. They off er new business opportunities, enhanced benefi ts and simplifi ed and more eff icient processes. But as practical and user-friendly as the increasing interconnectedness is, this trend also brings with it enlarged attack surfaces. Especially since IoT devices contain signifi cantly more complex infrastructures than classic IT.

IT security aspects should therefore be included early in the planning, design and implementation of IoT projects. To this end, TÜV TRUST IT and the German Research Center for Artifi cial Intelligence GmbH (DFKI) have developed a test catalogue that allows for an independent and objective evaluation and protection of IoT devices.

Cooperation between TÜV TRUST IT and the German Research Center for Artifi cial Intelligence (DFKI)

The DFKI is the leading research institution in Germany in the fi eld of innovative soft ware technologies and has been operating an IT security testing facility for more than 15 years, focusing on IT security and privacy protection of IT products.

In cooperation with TÜV TRUST IT, IoT devices are tested in the “IoTestlab” - a laboratory of the DFKI, which is recognised by the BSI for evaluations according to the Common Criteria - and certifi ed on request.

Testing Services

The scope of the investigation will be individually adapted to your project. This includes, inter alia, the following test services and application contexts:

• General concept review - Development methodology - Development and integration environment - Identity management - Platform-specifi c features - Protection of associated applications / services - Protection of interfaces (APIs) - Protection of updates - Crypto key management - Logging - Reviews (continuous monitoring)• Soft - and hardware architecture• Technical data protection (Privacy)• Data security

1/2 – Testing and Certifi cation of IoT Devices

BSI-Seal of the DFKI

Certifi cation

Certifi cation “Trusted IoT-Device”

For a certifi cation according to the requirements catalogue “Trusted IoT-Device”, the underlying soft ware and hardware ar-chitecture of the respective IoT device will be checked against relevant safety recommendations in the context of a security analysis. The aim is to identify possible conceptual weaknesses and to subsequently reveal improvement potentials.

If the test result is positive, a certifi cate will be issued on request. This certifi cate is valid for three years. In order to main-tain the certifi cation, the object of investigation is re-examined every year.

2/2 – Testing and Certifi cation of IoT Devices

Your Benefi ts

• Implement sustainable and eff ective information security during the IoT development cycle

• High investment security for development projects in the innovative IoT environment

• Detailed report on the test or certifi cation

• Planning or improvement basis for your IoT project

• The test and quality seal “Trusted IoT-Device” to foster your marketing

• Improve your market opportunities: Show your customers and management that your IoT device is trusted and secure

• Know-how transfer by IT security experts from TÜV TRUST IT (objective testing) and the DFKI (innovative research)

Sample seal

EXA

MPL

E Trusted Architecture

TrustedData Handling

Trusted Privacy Safeguard

TRUSTED IoT-DEVICE

TÜV TRUST IT GmbH TÜV TRUST ITTÜV AUSTRIA Group TÜV AUSTRIA GmbH

Waltherstraße 49–51 TÜV AUSTRIA-Platz 1D-51069 Köln A-2345 Brunn am GebirgePhone: +49 (0)221 969789 - 0 Phone: +43 (0) 5 0454 - 1000 info@tuv-austria.comFax: +49 (0)221 969789 -12 Fax: +43 (0) 5 0454 - 76245 www.it-tuv.com