SESIP is providing device makers and certification bodies with a common, optimised approach to evaluate the security of connected products, bringing consistency and trust to the IoT ecosystem.
GlobalPlatform, the standard for secure digital services and devices, announces it will help device makers and certification bodies adopt the security evaluation standard for IoT platforms (SESIP) methodology. This work aims to bring consistency and trust to the Internet of Things (IoT) device security certification process, reducing complexity, costs and time to market for IoT stakeholders.
An estimated 75.44 billion IoT products will be in the marketplace by 2025. These products are made up of multiple components, which are developed by multiple players, many of which are new to security. SESIP addresses the scale and complexity of the IoT ecosystem with an optimised approach to security evaluation that is designed specifically for the IoT platforms and platform parts on which these products are based.
With extensive experience in establishing and managing security certification schemes, GlobalPlatform will support certification bodies in setting up certification schemes based on the SESIP methodology and align them with laboratories to drive consistency in product evaluations and certifications across the IoT ecosystem. Device makers can work with GlobalPlatform to enhance the security of their devices and ensure readiness to achieve certification in line with any schemes using SESIP.
“The volume and complexity of IoT products combined with varying regulations and certification frameworks make it challenging for IoT stakeholders to validate the security of their products in a cost-efficient way,” comments Kevin Gillick, executive director of GlobalPlatform. “As part of GlobalPlatform’s work to bring greater trust to the IoT ecosystem, we are pleased to support the implementation of SESIP. The methodology will standardise security certification for the IoT sector and give device makers and solution vendors the ability to demonstrate alignment with market requirements, use cases and regulations in an optimised way.”
“SESIP addresses the compliance, security, privacy and scalability complexities of the IoT ecosystem with an evaluation approach that is mappable to other methodologies, reusable across IoT platforms and adaptable to the evolving needs of the IoT environment. This makes it an ideal foundation to deliver an effective solution for IoT device certification,” adds GlobalPlatform technical director, Gil Bernabeu.
Certification bodies and security laboratories can download the methodology and contribute to GlobalPlatform’s work on SESIP for the benefit of the entire IoT ecosystem.