The past years have shown that there are still vulnerabilities in the security of IoT devices. As a result, dozens of norms and regulations have been introduced around the world to make sure IoT products provide security and privacy by design. These products often have to meet requirements imposed by various public and private policy makers, all looking for evidence of security elements such as encryption, secure storage and secure communication. But not all IoT devices require the same level of certification, and there are simply too many of them to test individually.

Developers and manufacturers of IoT products are experts in other fields than security. Because of this, they lack the tools to clearly identify security functionalities, their strengths, and the metrics to qualify them in a standardised way. With this in mind, the Security Evaluation Standard for IoT Platforms (SESIP) was introduced. An IoT platform is software and hardware combined, ready to be implemented in IoT products.

SGS Brightsight is a founding member of SESIP. SESIP has rapidly grown into an internationally recognised standard for security evaluation, supported by a large community of the top security providers in the hardware and software domains. It provides an optimised version of the Common Criteria methodology applied to certification of IoT platforms and their components. 

The European Union Agency for Cybersecurity (ENISA) has developed a study to help IoT manufacturers, developers, integrators and stakeholders to make better security decisions. In November 2020, SESIP was mentioned in the ENISA study as one of the most relevant standards in the area of risk management for IoT Platforms and components security.

SESIP webinars
Addressing IoT security trends through SESIP - Interview with Carlos Serratos, Senior Director Strategy, Policy and Advocacy at SGS Brightsight

At GlobalPlatform’s Fall Meetings in Athens, SGS Brightsight’s Carlos Serratos spoke about the latest security and regulatory trends impacting IoT markets, and how SESIP can support various stakeholders in addressing an evolving ecosystem. He also outlines how the methodology has progressed since its publication in 2020, and the roadmap for the year ahead.

SESIP: Certified Secure Platform for IoT developers

Launch your IoT product with SESIP! Efficient product certification with Brightsight certified SESIP platforms