Operational Technology (OT) and Internet of Things (IoT) Cyber Security Certification via the Cyber Trust Mark™ (STM) framework sets out the principles and basis for third party conformity assessment, certification and voluntary 'live' Cybersecurity Labelling Scheme (CLS).
Providing OT/IoT smart device users (consumers) with a recognisable level of assurance that OT/IoT provider's (vendor/manufacturer) cyber security claims about their product have been independently evaluated and conform with internationally established baseline security requirements.
The scheme itself provides a unified, internationally applicable, scalable, independent and rigorous approach to assessing the integrity of the vendor’s cyber security claims for their OT/IoT connected Smart Device product and how they conform to the defined IoT Security Baseline Requirements (BR) recommendations, guidelines and codes produced by Governments and Standards bodies enabling mutual recognition and harmonisation.
The IoT Security Trust Mark™ addresses the risk of a lack of verified baseline cyber security in OT/IoT smart devices by:
1) Enabling Consumers to have confidence that the baseline requirements and cyber security features claimed by a vendor in a connected product have been evaluated.
2) Providing participating product evaluators, independent Accredited Test Facilities (ATFs), with a governance framework for predictable, standardised and repeatable evaluation of products prior to submission to a scheme Decision Authority (DA).
3) Supplying OT/IoT Providers with a cyber trust mark certification and voluntary 'live' cyber trust mark label (STM QR) to demonstrate their product has passed independent evaluation of their smart device cyber security claims and the Baseline Requirements (BRs)
IoT Cyber Security Certification from the Trust Mark™ certification and Cybersecurity Labelling Scheme (CLS) covers OT/IoT smart devices associated with consumers in the following sectors:
Personal/Residential/Home
Corporate/Business/Enterprise
Government
Industrial/Operational Systems
Critical Infrastructure, and,
Systems of National Significance (SoNS)
