TÜV Rheinland Becomes IoT Cybersecurity Mark Accredited Testing Lab for IP Cameras


2020-04-21

上一篇新聞 下一篇新聞

Version-2 TÜV Rheinland

香港

TÜV Rheinland Becomes IoT Cybersecurity Mark Accredited Testing Lab for IP Cameras



 

Due to the cybersecurity requirements of video surveillance system vendors, the Product Safety Testing Laboratory of TÜV Rheinland Taiwan was recently certified by the Taiwan Accreditation Foundation (TAF) as an accredited testing lab for Taiwan Association of Information and Communication Standards (TAICS). TÜV Rheinland can now provide Level 1 testing and certification for video surveillance system - IP cameras, as well as product cybersecurity testing based on ETSI TS 103 645 and CA SB 327. IP camera vendors can now open up even more markets by applying for compliance with the product cybersecurity requirements of the EU, California (US), and Taiwan simultaneously.

The emergence of the digital economy and Internet-of-Things (IoT) has given rise to even more IoT cybersecurity threats, such as: hacking of IP cameras, which may lead to the leaking of surveillance footage. Many childcare centers, nursing homes, or families with elderly people, children, and pets now install IP cameras for security surveillance or home security. Attacks against these IP cameras may allow malicious users to compromise the privacy of the system owner without them being aware of it. There have been a number of cybersecurity incidents involving video surveillance systems in recent years. The best-known was the Distributed Denial of Service (DDoS) that took place at the end of 2016 when hackers used the Mirai zombie network to infect large numbers of IP cameras. The infected devices were then used as a springboard to launch DDoS attacks against Internet service providers. As a result, services were disrupted at many high-traffic websites, including Twitter, Netflix, and Airbnb.

To assist the carrying out of comprehensive cybersecurity testing for IP cameras and strengthen IoT security, the Industrial Development Bureau of the Ministry of Economic Affairs (MOEA) commissioned the Institute for Information Industry (III) and TAICS to establish a set of cybersecurity standards and corresponding testing guidelines for video surveillance system cameras that can be applied to embedded cameras with wired connections. The new cybersecurity standard and testing requirements are based on the relevant international IoT cybersecurity standards and testing guidelines, such as CNS 27001, ANSI/CAN/UL 2900-1:2017, GSM (Groupe Speciale Mobile Association) IoT Safety Guidelines, the vulnerability testing of the Open Web Application Security Project (OWASP), and the Japanese government's IoT Security Guidelines. Together, they establish a domestic cybersecurity quality standard for video surveillance systems. This standard has now been incorporated into the acceptance specifications for procurement projects by subordinate MOEA agencies responsible for critical infrastructure, such as oil, water, and electricity. The cybersecurity standard for video surveillance systems - IP cameras was also formally adopted as the CNS-16120 standard of Taiwan in December, 2019.

The cybersecurity standard for video surveillance systems - IP cameras consists of five security aspects: physical security, system security, communication security, security of identity verification and authorization mechanisms, and privacy protection. The standard sets out in detail the cybersecurity requirements for video surveillance devices. Product security is also divided into three levels (Level 1, 2, and 3), based on the level of cybersecurity risk and the complexity of security technology. Vendors can select what level of product security certification they need based on their own requirements. Products that pass testing by TAICS-accredited testing labs such as TÜV Rheinland and then apply for TAICS can obtain the IoT Cybersecurity Mark.

 

About Version 2 Limited

Version 2 Limited is one of the most dynamic IT companies in Asia. The company develops and distributes IT products for Internet and IP-based networks, including communication systems, Internet software, security, network, and media products. Through an extensive network of channels, point of sales, resellers, and partnership companies, Version 2 Limited offers quality products and services which are highly acclaimed in the market. Its customers cover a wide spectrum which include Global 1000 enterprises, regional listed companies, public utilities, Government, a vast number of successful SMEs, and consumers in various Asian cities.


About TÜV Rheinland

The TÜV Rheinland is a leading provider of technical services worldwide. Since our foundation in 1872, we have been providing safe and sustainable solutions for the challenges arising from the interaction between man, the environment and technology.As an independent, neutral and professional organization, we are committed to working towards a future that can fulfil the needs of both mankind and the environment in the long term.

上一篇新聞 下一篇新聞

返回前一頁