Navigate the New IoT Labeling Program with Silicon Labs’ Best-In-Class Security
Securing the IoT is challenging. It’s also mission critical. As more devices become connected, the potential for IoT threats also increases, which has led governments and regulatory bodies to take action to protect consumers and has also incentivized manufacturers to prioritize cybersecurity. To help consumers better navigate this evolving landscape, today the White House officially launched its voluntary national cybersecurity IoT labeling program, U.S. Cyber Trust Mark, to provide consumers with information and build trust in the security capabilities of their IoT devices.
New White House Label Will Build Consumer Confidence in IoT Device Security
Through this program, consumers will gain transparency into the security features of their IoT products, including vulnerability information. For example, before buying a smart doorbell a customer could access a “living label” such as a QR code on the back of the device’s package to get all the latest security details about the product, including breaches, with a click of a button from their smartphone. By using a living label, consumers can be assured that the security of the device wasn’t compromised during transit from the manufacturer or while it sat on store shelves. This increased transparency will enable consumers to make better-informed decisions and will also help the IoT industry to scale as trust grows not only with consumers but also among device vendors, ecosystem partners, Internet Service Providers (ISPs), and the broader technology universe as more stakeholders embrace the security the label represents.
As a leader in IoT security, Silicon Labs is primed to help IoT developers and designers navigate changes in the IoT landscape with silicon, software, and solutions integrated with the best-in-class security from the start.
A Challenging Landscape for Customers
Secure Vault, Custom Parts Manufacturing, and Third-Party Certifications Give Silicon Labs’ Customers a Head Start in IoT Security
Customers will be able to inherit security certifications for
sub-components, which have been certified by frameworks like Platform
Security Architecture (PSA) and Security Evaluation Standard for IoT
Platforms (SESIP). Silicon Labs’ Secure Vault™
is one such component that meets and exceeds the requirements called
for by the latest IoT labeling program. Secure Vault™ contains a suite
of advanced security features that protects against local and remote
software attacks, local hardware attacks, and has been penetration
tested by third-party laboratories. Silicon Labs was the first silicon
provider to achieve the highest level of certification for Platform
Security Architecture (PSA/SESIP certification Level 3)
developed by Arm in response to the need for a "Hardware Root of Trust"
in a secure microcontroller. The architecture includes functions such
as Secure Boot, secure storage, secure code updating, secure isolation, cryptography, and secure debug ports.
The basis for the U.S. Consumer IoT Labeling program will be the National Institute of Standards and Technology (NIST) Interagency Report (IR) 8425 developed from NIST IR 8259A and B. In addition to product requirements, this report’s requirements are unique in that they now also require IoT product developer activities such as creating security documentation, providing means for the consumer and the public to report vulnerabilities, similar to a Product Security Incident Response program, disseminating vulnerabilities to the public, and requiring general security education and awareness. Silicon Labs plays a role in these requirements by providing its own vulnerability reporting program on our website where users and developers can also find the documentation and training on the security features we offer.
NIST IR 8425 IoT Device Cybersecurity and Non-Technical Supporting Core Baseline Requirements (courtesy of NIST)
For the device requirements, the labeling
program requires manufacturers to meet baseline security standards for
their IoT products including asset identification, product
configuration, data protection, interface access control, software
updates, and cybersecurity state awareness. To achieve proper asset
identification, manufacturers can utilize Silicon Lab’s secure identity and Silicon Lab's Custom Parts Manufacturing Services (CPMS), which enables unique identification of all components and a secure way to provision the devices. Silicon Lab’s Secure Boot
allows manufacturers to validate the firmware before letting it run on
the device. Silicon Lab’s cryptography solutions protect data from
unauthorized access, while our Secure Debug
restricts interface access to authorized entities. Our solutions help
partners implement secure over-the-air (OTA) updates, ensuring
authorized entities can update software securely. Silicon Labs also
assists customers in Cybersecurity State Awareness with our hardware
tamper protection, allowing for detection of cybersecurity incidents
affecting or impacted by the IoT product.
We maintain a high standard of security at
Silicon Labs which makes it possible for manufacturers to go through
dependent security certification programs such as the Connectivity
Standards Alliance’s Product Security Working Group (PSWG), PSA, and
SESIP. If customers use Secure Vault™, they will only need to prove to
the security labs that they have implemented Silicon Labs’ security
features properly, instead of doing penetration testing on these same
features.
IoT Security is a Global Imperative
This enhanced focus on IoT security extends
globally. For example, Singapore has its own labeling scheme, Singapore
Cybersecurity Labeling Scheme (SCLS), and the European Union created
Radio Equipment Directive (RED) Security Requirements. By being a part
of the Connectivity Standards Alliance’s PSWG, Silicon Labs is helping
to continue the global conversation on the best way to protect and
inform consumers and society at large, and today's announcement from the
White House represents a strong step towards building a safer, more
connected world.
Silicon Labs is continuing to improve our offerings to cover increasing security concerns and requirements in global markets. Learn more about our IoT security mission.
- +1 Like
- Add to Favorites
Recommend
- Silicon Labs Helping Smart Home Manufacturers Meet IoT Security Regulations
- Silicon Labs‘ Secure Vault Becomes World‘s First IoT Security Solution to Achieve PSA Certified Level 3 Status
- Sillicon Labs‘ Secure Vault Technology Is for Developing Extremely Robust, Secure IoT Wireless Solutions
- Security in IoT Devices: Challenges and Solutions
- Silicon Labs Launches Security Services to Support ‘Zero Trust‘ Security Model in IoT
- Silicon Labs Wi-Fi 6 Solutions Help You Convince Buyers by Designing More Secure Wi-Fi Devices
- Silicon Labs Unveils World‘s First Secure Sub-GHz SoCs With 1+ Mile Wireless Range And 10+ Year Battery Life
- Silicon Labs xG26 Sets New Standard in Multiprotocol Wireless Device Performance
This document is provided by Sekorm Platform for VIP exclusive service. The copyright is owned by Sekorm. Without authorization, any medias, websites or individual are not allowed to reprint. When authorizing the reprint, the link of www.sekorm.com must be indicated.