Cyber Security

We work to create a safe, secure and reliable future

You are here

  • Safe is securing your products, processes and systems

    Keeping people safe when they use technology is one of the key challenges, now and in the future. That is why cyber security has become an essential part of both safety testing and connectivity testing. Today, almost everything is connected to the internet or to local networks. Devices, equipment, vehicles, machines and installations are increasingly controlled either directly or via the cloud. Securing these products is vital in order to safeguard consumers and critical infrastructures alike.

    In addition, numerous cyber security laws will be implemented in the near future. The Network and Information Systems (NIS) Directive for the protection of critical infrastructures has been implemented Europe-wide. By 2019, the EU and USA will have implemented their Cyber Security Act and Securing IoT Act, respectively, both of which will impose stringent requirements on the security of all Internet of Things (IoT) products.

    +31 88 830 9613 (NL)

    + 34 952 619 100 (ES)

  • Why DEKRA?

    icon cyber

    DEKRA Cyber Security Package

    The DEKRA Cyber Security Package aims to secure your products, processes and systems by means of thorough product cyber security evaluations and certification.

    icon recognition

    Recognition of Common Criteria

    DEKRA has acquired Epoche & Espri, specialized in testing internationally recognized security standards. Along with conformance testing against international frameworks such as FIPS 140-2 and ISO 19790, Epoche & Espri focuses on certification in line with the Common Criteria.

    icon competence

    International competence center

    At our international competence center, we make sure that we stay up to date in the field by continuously conducting research into security vulnerabilities. Our expert engineers have extensive knowledge of specific technologies and many years of experience with product security evaluations and penetration testing.

    Icon focus

    Strong product focus

    We have a strong product focus in cyber security evaluations and assessments for many different markets, including consumer products, ICT and automotive.

  • DEKRA Cyber Security Package

    Depending on your product and market, you may have a number of specific cyber security challenges. The DEKRA Cyber Security Package aims to secure your products, processes and systems by means of thorough product cyber security evaluations and certification.

    Our cyber security experts will design a tailor-made cyber security package according to your specific needs and challenges, optimized to offer you the best possible support. With just one contact person to guide you throughout the process, we will take away any last doubts that prevent you from working on a comprehensive implementation of cyber security best practices.

    Our experts have run tailored cyber security packages for various markets, among which automotive, ICT and healthcare.

    Selected recognitions

    • Achilles Communication Certification
    • IECEE CB Cyber Security Certification (IEC 62443)
    • Common Criteria Evaluation
    • ISO 15408
    • ISO 19790
    • FIPS 140-2
    • 3GPP TR 33.916, TR 33.116, TR 33.117
    • eIDAS certification body

  • Cyber Security

    Survival paces and challenges in cyber security development. It’s interesting that when you google ‘trust’, many of the search results are about winning back trust, not just about establishing it.

    Download greenpaper
  • Product cyber security evaluations

    Our engineers have extensive expert knowledge of specific technologies and many years of experience with product security evaluations and penetration testing. In addition, they continuously conduct research into security vulnerabilities to stay up to date in their field. Without the need of a specific standard, we can evaluate whether your products are cyber secure using our formal and systematic security evaluation framework. The framework is based on recognized and well-known methodologies.

    We perform the individual security evaluation based on a formal security assessment and penetration testing, conducted by our team of white hat cyber security professionals. Our services cover amongst others smart devices, healthcare devices, and the connected car and take i.a. hardware, protocols, web and cloud services, applications, and user interfaces into account to ensure a secure and reliable product.

    Cyber security certification

    Today’s and tomorrow’s consumers, operators of critical infrastructures, and regulators all expect secure and trusted communication devices. Third-party certification against security standards provides independent proof that your products and processes comply with stringent security requirements or standards. Are you looking to get your processes or products certified? Read on to find out how we can help you.

  • Cyber Security certification:

    Common Criteria / ISO 15408

    The Common Criteria for Information Technology Security Evaluation (CC) is an international standard (ISO 15408) for cyber security certification. Certification according to the Common Criteria provides assurance that the implementation, specification and evaluation of an IoT product or system has been conducted in a sound and repeatable manner.

    The CC standard defines seven evaluation assurance levels (EAL) which provide a sliding scale of assurance from EAL1 (lowest) to EAL7 (highest). At DEKRA, we can test and certify your products and systems in line with the CC.

    eIDAS Certification

    Electronic Identification, Authentication and Trust Services (eIDAS) is an EU regulation on electronic identification and trust services for electronic transactions.

    At DEKRA, we offer certification services for eIDAS as a certification body according to ETSI EN 319 409, ETSI EN 319 411, ETSI EN 319 412, ETSI EN 319 421, ETSI EN 319 422 and ETSI EN 319 401.

    FIPS 140-2 / ISO 19790

    The Federal Information Processing Standard 140-2 is a U.S. government computer security standard used to approve cryptographic modules. DEKRA is a Cryptographic Module Testing Laboratory and handles testing according to this standard for both the Canadian and US markets.

    DEKRA also offers cryptographic module testing according to the security requirements as stated in ISO 19790. This standard defines four security levels for cryptographic modules to provide for a wide spectrum of data sensitivity and a diversity of application environments.

    IEC 62443

    DEKRA has been recognized by the IECEE, the global certification scheme for testing, assessment and certification against the IEC 62443 series of standards. CB certificates are accepted worldwide as proof of compliance with international standards and they provide reassurance that processes and products comply with stringent security requirements or standards.

    CB cyber security certification gives your stakeholders peace of mind that your products, processes and solutions comply with the strict fundamental security requirements outlined in IEC 62443.

    Achilles Communication

    DEKRA can provide you with Achilles Communication Certification (ACC) from GE Digital. As the industry-leading benchmark for communication robustness, Achilles Communication Certification is highly recognized, particularly in North America, for operational technologies used in critical infrastructure.

    3GPP for MME devices

    We offer conformance testing and functional security evaluations for MME devices and mobile network elements according to these specifications: 3GPP TR 33.916, TR 33.116, and TR 33.117.

    Cyber Security certification:

    Common Criteria / ISO 15408

    The Common Criteria for Information Technology Security Evaluation (CC) is an international standard (ISO 15408) for cyber security certification. Certification according to the Common Criteria provides assurance that the implementation, specification and evaluation of an IoT product or system has been conducted in a sound and repeatable manner.

    The CC standard defines seven evaluation assurance levels (EAL) which provide a sliding scale of assurance from EAL1 (lowest) to EAL7 (highest). At DEKRA, we can test and certify your products and systems in line with the CC.

    eIDAS Certification

    Electronic Identification, Authentication and Trust Services (eIDAS) is an EU regulation on electronic identification and trust services for electronic transactions.

    At DEKRA, we offer certification services for eIDAS as a certification body according to ETSI EN 319 409, ETSI EN 319 411, ETSI EN 319 412, ETSI EN 319 421, ETSI EN 319 422 and ETSI EN 319 401.

    FIPS 140-2 / ISO 19790

    The Federal Information Processing Standard 140-2 is a U.S. government computer security standard used to approve cryptographic modules. DEKRA is a Cryptographic Module Testing Laboratory and handles testing according to this standard for both the Canadian and US markets.

    DEKRA also offers cryptographic module testing according to the security requirements as stated in ISO 19790. This standard defines four security levels for cryptographic modules to provide for a wide spectrum of data sensitivity and a diversity of application environments.

    IEC 62443

    DEKRA has been recognized by the IECEE, the global certification scheme for testing, assessment and certification against the IEC 62443 series of standards. CB certificates are accepted worldwide as proof of compliance with international standards and they provide reassurance that processes and products comply with stringent security requirements or standards.

    CB cyber security certification gives your stakeholders peace of mind that your products, processes and solutions comply with the strict fundamental security requirements outlined in IEC 62443.

    Achilles Communication

    DEKRA can provide you with Achilles Communication Certification (ACC) from GE Digital. As the industry-leading benchmark for communication robustness, Achilles Communication Certification is highly recognized, particularly in North America, for operational technologies used in critical infrastructure.

    3GPP for MME devices

    We offer conformance testing and functional security evaluations for MME devices and mobile network elements according to these specifications: 3GPP TR 33.916, TR 33.116, and TR 33.117.

  • Meet our experts

  • Tim van den Berg
    Contact person

    Tim van den Berg

    Professional Electronics, Global/Europe
  • Contact person

    Rubén Lirio

    Cyber Security Product Manager