ETSI EN 303 645 Cybersecurity Standard

You are here

  • A cybersecurity standard for consumer IoT devices

    The use of consumer Internet-of-Things (IoT) devices increases every day and, while the number of devices grows, the same happens with cyber threats. There are boundless ways to compromise the security of an IoT device, and users' data and privacy can be exposed. For this reason, the European Standards Organization ‘ETSI’ has created the first applicable cybersecurity standard for consumer IoT devices: the ETSI EN 303 645.

     

    Protect your product against cyber threats

    The ETSI EN 303 645 cybersecurity standard intends to help manufacturers to prepare their consumer IoT devices to be protected against the most common cybersecurity threats, as well as to prevent large-scale attacks against connected devices. To do so, it contains a set of security and privacy requirements and recommendations that manufacturers shall implement in their products. 

    This standard is considered as the foundation for a basic level IoT consumer assurance, providing the baseline for future IoT certification schemes.

     

    Designed for consumer IoT devices connected to the Internet

    The ETSI EN 303 645 is specially designed for IoT devices connected to network infrastructure and their interactions with associated services.

    Some of these products are smart TV’s, smart speakers, smart cameras, smart home assistants, wearable health trackers, connected appliances (e.g., washing machines, refrigerators, etc), connected children’s toys and baby monitors, connected home automation and alarm systems (gateways and hubs), connected smoke detectors, door locks and windows sensors, IoT gateways, base stations and hubs to which multiple devices connect.

  • Why DEKRA?

    Experts in security

    DEKRA is a leading company worldwide in the field of product testing and certification services for different markets. DEKRA has been recognized by organizations such as Amazon, CTIA, ENAC, Common Criteria, ENISA, NIST, GSMA, the ioXt Alliance, among others, as an independent third-party laboratory trustable to provide cybersecurity services.

    Custom-made evaluation

    We will design a tailor-made evaluation according to the specific needs and challenges of your product.

    ICT New features

    Broad services portfolio

    We offer an extensive portfolio including all key testing and certification services manufacturers need to launch their  IoT devices at any markets, such as regulatory, type approval, wireless, global market access and cybersecurity services, among others, which makes DEKRA the best partner to support customers to validate their products.

  • Prove your product is secure

    Manufacturers that implemented the security and privacy best practices defined in the ETSI EN 303 645, shall also prove their product meet this standard's requirements, by passing an evaluation performed in a third-party laboratory as DEKRA.

    In the assessment, DEKRA will evaluate if these requirements are correctly implemented in the device, following the Technical Specifications determined in the ETSI TS 103 701, where are defined how the test lab should proceed.

  • Guide to evaluate your product according to the ETSI EN 303 645

    If you want to test & certify your product according to the cybersecurity standard ETSI EN 303 645, but don't know where to begin, we are here to help you. In our ETSI EN 303 645 brochure you will find guidance on the process to request a product certification according to this consumer IoT devices cybersecurity standard.

    Download now
  • DEKRA services for the ETSI EN 303 645

    We offer different types of services for IoT devices according to the ETSI EN 303 645.

  • OUR SERVICES

    Training services

    DEKRA offers guidance for the preparation of the ICS and IXIT documents, as well as further information manufacturers shall provide to perform the evaluation according to the ETSI EN 303 645.

    GAP Analysis

    DEKRA assesses the product to determine the differences between the current security implementation of the product and the provisions defined in ETSI EN 303 645.

    Product Evaluation

    DEKRA evaluates the product based on the applicable provisions of the ETSI EN 303 645 and will issue a conformance evaluation report as well as the identified security gaps.

    DEKRA Seal

    DEKRA issues a DEKRA Seal if the product complies with the ETSI EN 303 645 standard.

    OUR SERVICES

    Training services

    DEKRA offers guidance for the preparation of the ICS and IXIT documents, as well as further information manufacturers shall provide to perform the evaluation according to the ETSI EN 303 645.

    GAP Analysis

    DEKRA assesses the product to determine the differences between the current security implementation of the product and the provisions defined in ETSI EN 303 645.

    Product Evaluation

    DEKRA evaluates the product based on the applicable provisions of the ETSI EN 303 645 and will issue a conformance evaluation report as well as the identified security gaps.

    DEKRA Seal

    DEKRA issues a DEKRA Seal if the product complies with the ETSI EN 303 645 standard.

  • Meet our experts

    vizcaino contact person image
    Contact person

    Antonio Vizcaino

    Key Account Manager Carrier Services and Cyber Security
    Ruben Lirio
    Contact person

    Rubén Lirio

    Cyber Security Business Line Manager
    Charles Chi
    Contact person

    Charles Chi

    Consumer market segment, Asia


More to read:

04.10.2021
Cybersecurity Testing, Cyber Security
20.09.2021
Cybersecurity Testing, Cyber Security
21.06.2021
Cyber Security, electric mobility, Cybersecurity, e-mobility, Automotive
DEKRA authorized by the ioXt Alliance to perform security testing on Mobile apps and VPN
15.04.2021
Cybersecurity, Cybersecurity Testing, Internet of Things
Amazon Alexa
18.05.2020
Connectivity Testing, Cyber Security