IoT Security Trust Mark™ is in Pilot

Verifying Baseline IoT Security and Vendors Security Claims

What is the Trust Mark?

The Internet of Things (IoT) Security Trust Mark™ (STM) framework sets out the principles and basis for third party conformity assessment, certification and voluntary 'live' labelling scheme providing IoT users (consumers) with a recognisable level of assurance that IoT provider's (vendor/manufacturer) security claims about their product have been independently evaluated and conform with internationally established baseline security requirements.

The scheme itself provides a unified, internationally applicable, scalable, independent and rigorous approach to assessing the integrity of the vendor’s security claims for their IoT product and how they conform to the defined IoT Security Baseline Requirements (BR) recommendations, guidelines and codes produced by Governments and Standards bodies enabling mutual recognition.

Why a Trust Mark?

The IoT Security Trust Mark™ addresses the real risk of a lack of verified baseline security in IoT devices by:

* Enabling IoT Users to have confidence that the baseline requirements and security features claimed by a vendor in an IoT product have been evaluated.

* Providing participating IoT product evaluators, independent Accredited Test Facilities (ATFs), with a governance framework for predictable, standardised and repeatable evaluation of products prior to submission to a scheme Decision Authority (DA).

* Supplying IoT Providers with a certification, voluntary 'live' label (STM QR) to demonstrate their product has passed independent evaluation of their security claims and the Baseline Requirements (BR) of the scheme.

Trust Mark Application?

The IoT Security Trust Mark™ certification and labelling scheme covers IoT devices associated with:

* Consumers in their homes;
* Business use;
* Government;
* Industrial & Operational Systems;
* Critical Infrastructure; and,
* Organisations of Significant National Interest.

For more information