For information: ETSI releases IoT security standard
Dear colleagues, The European Telecommunications Standardisation Institute (ETSI), earlier this week released their initial standard for securing IoT devices. The document is titled ‘Technical specification - Cyber Security for Consumer Internet of Things’ (ETSI TS 103 645), and states that its objective is, “...to support all parties involved in the development and manufacturing of consumer IoT with guidance on securing their products.” While it remains a very high-level document, containing many recommendations our community probably takes for granted, it could be helpful in guiding newcomers towards a more secure implementation of their IoT services and devices. The recommendations include items like, for instance, using non-default passwords. Although this is not yet a European Standard (EN) level specification, it is likely that any European standard specification in this area would be developed based on guidance from this document. In this context, a specification like this might also be reflected in product conformity guidelines such as the Radio Equipment Directive, that I posted about last week. The specification is available at https://www.etsi.org/deliver/etsi_ts/103600_103699/103645/01.01.01_60/ts_103... Regards, Marco Hogewoning RIPE NCC
Dear Marco, thanks a lot! Best, Peter
Am 21.02.2019 um 15:28 schrieb Marco Hogewoning <marcoh@ripe.net>:
Dear colleagues,
The European Telecommunications Standardisation Institute (ETSI), earlier this week released their initial standard for securing IoT devices. The document is titled ‘Technical specification - Cyber Security for Consumer Internet of Things’ (ETSI TS 103 645), and states that its objective is, “...to support all parties involved in the development and manufacturing of consumer IoT with guidance on securing their products.”
While it remains a very high-level document, containing many recommendations our community probably takes for granted, it could be helpful in guiding newcomers towards a more secure implementation of their IoT services and devices. The recommendations include items like, for instance, using non-default passwords.
Although this is not yet a European Standard (EN) level specification, it is likely that any European standard specification in this area would be developed based on guidance from this document. In this context, a specification like this might also be reflected in product conformity guidelines such as the Radio Equipment Directive, that I posted about last week.
The specification is available at https://www.etsi.org/deliver/etsi_ts/103600_103699/103645/01.01.01_60/ts_103...
Regards,
Marco Hogewoning RIPE NCC _______________________________________________ iot-wg mailing list iot-wg@ripe.net https://lists.ripe.net/mailman/listinfo/iot-wg
Peter Steinhäuser, CEO embeDD GmbH · Alter Postplatz 2 · 6370 Stans · Switzerland Phone: +41 (41) 784 95 85 · Fax: +41 (41) 784 95 64
Thanks Marco, It's relevant for business problems Best, Yuri ISOC IoT SIG Thursday, February 21, 2019, 4:28:01 PM, you wrote:
Dear colleagues,
The European Telecommunications Standardisation Institute (ETSI), earlier this week released their initial standard for securing IoT devices. The document is titled ‘Technical specification - Cyber Security for Consumer Internet of Things’ (ETSI TS 103 645), and states that its objective is, “...to support all parties involved in the development and manufacturing of consumer IoT with guidance on securing their products.”
While it remains a very high-level document, containing many recommendations our community probably takes for granted, it could be helpful in guiding newcomers towards a more secure implementation of their IoT services and devices. The recommendations include items like, for instance, using non-default passwords.
Although this is not yet a European Standard (EN) level specification, it is likely that any European standard specification in this area would be developed based on guidance from this document. In this context, a specification like this might also be reflected in product conformity guidelines such as the Radio Equipment Directive, that I posted about last week.
The specification is available at https://www.etsi.org/deliver/etsi_ts/103600_103699/103645/01.01.01_60/ts_103...
Regards,
Marco Hogewoning RIPE NCC _______________________________________________ iot-wg mailing list iot-wg@ripe.net https://lists.ripe.net/mailman/listinfo/iot-wg
FYI colleagues, the connect WG is handling a possible RIPE response to this consultation. If you have any comments or insight to contribute, please take them to the connect WG.
On 21 Feb 2019, at 14:28, Marco Hogewoning <marcoh@ripe.net> wrote:
The European Telecommunications Standardisation Institute (ETSI), earlier this week released their initial standard for securing IoT devices. The document is titled ‘Technical specification - Cyber Security for Consumer Internet of Things’ (ETSI TS 103 645), and states that its objective is, “...to support all parties involved in the development and manufacturing of consumer IoT with guidance on securing their products.”
While it remains a very high-level document, containing many recommendations our community probably takes for granted, it could be helpful in guiding newcomers towards a more secure implementation of their IoT services and devices. The recommendations include items like, for instance, using non-default passwords.
Although this is not yet a European Standard (EN) level specification, it is likely that any European standard specification in this area would be developed based on guidance from this document. In this context, a specification like this might also be reflected in product conformity guidelines such as the Radio Equipment Directive, that I posted about last week.
The specification is available at https://www.etsi.org/deliver/etsi_ts/103600_103699/103645/01.01.01_60/ts_103...
Dear colleagues, Please be aware that the below is a FYI. The Connect WG is currently looking into submitting a response to a BEREC consultation regarding the definition of the Network Termination Point, as part of implementing the recent European Electronic Communications Code. The BEREC draft guidelines are available from https://berec.europa.eu/eng/document_register/subject_matter/berec/regulator... <https://berec.europa.eu/eng/document_register/subject_matter/berec/regulatory_best_practices/guidelines/8821-berec-guidelines-on-common-approaches-to-the-identification-of-the-network-termination-point-in-different-network-topologies> And as Jim mentioned, please leave any comments to the Connect WG mailing list, as this working group is trying to reach a consensus opinion to submit into the public consultation process on behalf of the RIPE community. Best, Marco Hogewoning External Relations, RIPE NCC
On 17 Oct 2019, at 10:36, Jim Reid <jim@rfc1035.com> wrote:
FYI colleagues, the connect WG is handling a possible RIPE response to this consultation. If you have any comments or insight to contribute, please take them to the connect WG.
On 21 Feb 2019, at 14:28, Marco Hogewoning <marcoh@ripe.net> wrote:
The European Telecommunications Standardisation Institute (ETSI), earlier this week released their initial standard for securing IoT devices. The document is titled ‘Technical specification - Cyber Security for Consumer Internet of Things’ (ETSI TS 103 645), and states that its objective is, “...to support all parties involved in the development and manufacturing of consumer IoT with guidance on securing their products.”
While it remains a very high-level document, containing many recommendations our community probably takes for granted, it could be helpful in guiding newcomers towards a more secure implementation of their IoT services and devices. The recommendations include items like, for instance, using non-default passwords.
Although this is not yet a European Standard (EN) level specification, it is likely that any European standard specification in this area would be developed based on guidance from this document. In this context, a specification like this might also be reflected in product conformity guidelines such as the Radio Equipment Directive, that I posted about last week.
The specification is available at https://www.etsi.org/deliver/etsi_ts/103600_103699/103645/01.01.01_60/ts_103...
participants (4)
-
Jim Reid -
Marco Hogewoning -
Peter Steinhäuser -
Yuriy Kargapolov