IoT System Certification Scheme (IoTSCS)
The IoTSystem Certification Scheme (IoTSCS), operated by STQC Dte, Ministry of Electronics and Information Technology, has aim to support all the IoT products and system.
Evaluation of IoT product &system covers assessment of all the sensing and embedding components (includes Sensors, Actuators etc), communication protocols, IoT Gateways, IoT cloud, End-user devices and user interface etc
Benefits of Certification
This provides users of IoTproduct & System confidence in the security functionality provided. It also provides users with a metric to compare the security capabilities of products that they are intending to buy.
The scheme is intended to serve many communities of interest with very diverse roles and responsibilities.
- IoT product developers,
- IoTproduct vendors,
- IoT systems integrators for IT security infrastructure
- IoTproduct researchers,
- Acquisition/procurement authorities of IoT product
- Consumers of IT Security products
Assessment Level of IoT product
Assessment of IoT devices covers basically three aspects mainly physical, Communication and its application interfaces. The IoT devices scheme comprises of three (03) levels, with each higher level being more comprehensive in the assessment. There are 3 different level of assessment, covering different security requirements. The objective of testing under each of the levels are summarized in IoT device scheme assessment Levels below:
- Level 1 requirements is to provide protection against attacks that target software only, i.e. attacks that do not involve physical access to the device. Level 1 requirements aim to provide a security baseline for connected devices.
- Level 2 requirements is to provide protection against attacks that go beyond software and that target the hardware of the device. Devices that adhere to level 2 requirements are devices where compromise of the device should be avoided.
- Level 3 requirements is to provide requirements for devices where compromise should be avoided at all cost. Devices where there is highly sensitive information stored on the device or where compromise of the device can result in fraud or safety. In addition to the security requirements provided by level 1 and 2, level 3 requirements focus on defense-in-depth techniques that attempt to hinder reverse engineering and physical tampering efforts.
- Rules and Procedures for IoT System Certification Scheme (STQC/IoTSCS/D01)
- IoTSCS F02 Product Series Details
- Technical Construction File (TCF) for IoT Device
- Checklist for Auditors/Assessors
- Application for IoT Product Certification
|Name and Designation
Sh. Suresh Chandra, Scientist G & HeadIoT System Certification Scheme (IoTSCS)
6,CGO Complex,Lodi Road,
Phone: 011 - 24301382
Fax: 011 - 24363083