comment on this article

Compliance Suite targets EN 303645 for secure IoT applications

Secure Thingz, an IAR Systems Group company, has announced Compliance Suite, a set of tools and training for embedded developers.

These tools and training are specifically targeted to provide embedded developers with a simplified path to building applications that are compliant with the European EN 303645, UK & Australian 13 Best Practices, and the evolving US Cybersecurity Improvement Act (NISTIR 8259).

Compliance is a challenge for organisations working in the fast-moving Internet of Things domain; given that most applications are unique, and that formal certification methodologies are both costly and time consuming.

As a result, the IoT Security Foundation, a non-profit industry association, has developed their IoT Security Compliance Framework, enabling organisations to build a self-certification methodology that meshes with the 13 Best Practices captured in UK and European Secure by Design guidelines.

The Compliance Suite from IAR Systems and Secure Thingz includes a set of development tools and Preconfigured Security Contexts that enables developers to rapidly implement core aspects of the guidelines, such as moving from passwords to certificate-based identification; the implementation of update policies; and the use of advanced device specific security enclaves to protect provisioned information.

Coupled with these tools is a set of training and support resources linking the functional requirements with the certification requirements identified in the IoT Security Foundation Compliance Questionnaire, ensuring a rapid implementation that meets international requirements.

“We are excited to enable our customers to meet the best practice certification provided by the IoT Security Foundation Compliance Framework,” said Haydn Povey, CEO, Secure Thingz. “We believe that compliance with these best practices is critical in enabling IoT to be successful, in ensuring interoperability based on trust, and ensuring customer confidence.”

Compliance is an important step towards formal 3rd party certification, such as Global Platform Security Evaluation Standard for IoT Platforms (SESIP), and the Arm PSA requirements. By implementing the IoT Security Foundation Compliance Framework, developers will be able to align their organisations with best-in-class methodologies, enabling them to achieve and surpass the evolving industry requirements.

The Suite includes the security development tool C-Trust, plus a set of Preconfigured Security Contexts for both mainstream microcontrollers and advanced security devices. It importantly also includes a suite of training covering secure implementation to achieve compliance and organizational vulnerability disclosure.

Author
Neil Tyler

Comment on this article


This material is protected by MA Business copyright See Terms and Conditions. One-off usage is permitted but bulk copying is not. For multiple copies contact the sales team.

What you think about this article:


Add your comments

Name
 
Email
 
Comments
 

Your comments/feedback may be edited prior to publishing. Not all entries will be published.
Please view our Terms and Conditions before leaving a comment.

Related Articles

Retail realignment

With some of the toughest trading conditions in living memory retailers are ...

Get to market faster

A quick look at using Vicor's PFM and AIM in VIA packaging for your AC to Point ...

World IoT Day

ByteSnap Design, a specialist in embedded systems design and development, has ...

Digital consciousness

​Would you consider uploading your brain to the cloud if it meant you could ...

Under attack

According to Gartner, two thirds of organisations are planning to deploy 5G by ...

IoT Everywhere

Mohamed Awad, VP of Arm’s IoT Business, discusses Arm’s vision for its IoT ...