The Internet of Things (IoT) Security Trust Mark™ (STM) is a certification and labelling scheme that provides IoT users with a recognisable level of assurance that IoT providers (vendor/manufacturer) security claims about their product have been independently evaluated and their conformance with the baseline security requirements.
The scheme itself provides a unified, globally applicable, scalable, independent and rigorous approach to assessing the integrity of the vendor’s security claims for their IoT product and how they conform to the Baseline Requirements (BR) defined IoT Security recommendations, guidelines and codes produced by Governments and Standards bodies.
Why a Trust Mark?
The IoT Security Trust Mark™ addresses the real risk of a lack of verified baseline security in IoT devices by:
* Enabling IoT Users to have confidence that the baseline requirements and security features claimed by a vendor in an IoT product have been evaluated.
* Providing participating IoT product evaluators, independent Accredited Test Facilities (ATFs), with a governance framework for predictable, standardised and repeatable evaluation of products prior to submission to a scheme Decision Authority (DA).
* Supplying IoT Providers with a certification and label to demonstrate their product has passed independent evaluation of their security claims and against the Baseline Requirements (BR) of the scheme.
Trust Mark Application?
The IoT Security Trust Mark™ certification and labelling scheme covers IoT devices associated with:
* Consumers in their homes;
* Business use; * Government;
* Industrial & Operational Systems;
* Critical Infrastructure; and,
* Organisations of Significant National Interest.