繁體    簡體    英文

Come to meet the new standard for IoT product

Join closed
  • Industry:Cybersecurity & Functional Safety
  • Language:English
  • Fee:Free

Event introduction

Background

What is ETSI EN 303 645?
The Internet of Things (IoT) product cyber security/privacy protection standard ETSI EN 303 645 was developed by the European Telecommunications Standards Institute in collaboration with industry, academia and government to provide an effective and basic evaluation method to limit cybercriminals’ global control The device launches DDoS attacks, mines encrypted currency, and spy on users' homes, reducing the possibility of personal data leakage The release of ETSI EN 303 645 can effectively prevent these attacks and greatly improve the network security and privacy protection of IoT products.

Which IoT products does ETSI EN 303 645 apply to?
The ETSI EN 303 645 standard applies to a wide range of Internet of Things (IoT) products. For example, connected children's toys and baby monitors, smoke detectors, door locks, smart cameras, televisions and speakers, IoT gateways, wearable products, household smart electrical products and other consumer IoT products.

What are the provisions and clauses of ETSI EN 303 645?
The product-specific cybersecurity assessments derived from this standard are mainly developed from two aspects, namely, cybersecurity regulations and data privacy protection clauses. The standard focuses on technical control measures and organizational measures to combat network security deficiencies, so as to solve primary network attacks against network security weaknesses and vulnerabilities, and reach the network security baseline level of this standard. Specifically, the ETSI EN 303 645 standard covers the following:


Agenda

Cybersecurity regulations
- Security of universal default password
- Management and execution of vulnerability reports
- Software update
- Storage of sensitive security parameters
- Communication security
- Reduce the exposed attack surface
- Protection of personal data
- Software integrity
- System's anti-interruption ability
- Check system telemetry data
- Convenient for users to delete user data
- Simplify installation and maintenance of equipment
- Verify input data

Data protection clause
- Privacy statement
- Request for consent
- Withdrawal of consent
- When collecting telemetry data, use the principle of minimization
- Information that should be communicated to users when collecting telemetry data

Contact Person :

Grace Ma

Tel:+852 2192 1538

E-mail:grace.ma@tuv.com

Hot Course

No results found.
Return to list