Sökning: onr:"swepub:oai:DiVA.org:ri-62619" >
EU Cybersecurity Ac...
EU Cybersecurity Act and IoT Certification : Landscape, Perspective and a Proposed Template Scheme
-
- Khurshid, Anum (författare)
- RISE,Datavetenskap,RISE Research Institutes of Sweden, Stockholm, Sweden
-
- Alsaaidi, Reem (författare)
- RISE,RISE Research Institutes of Sweden, Stockholm, Sweden.;Ericsson, BCSS Secur Engn, S-16480 Stockholm, Sweden.
-
- Aslam, Mudassar (författare)
- RISE,National University of Computer and Emerging Sciences, Pakistan,RISE Research Institutes of Sweden, Stockholm, Sweden.;Natl Univ Comp & Emerging Sci NUCES FAST, Dept Cybersecur, Islamabad 44000, Pakistan.
-
visa fler...
-
- Raza, Shahid, 1980- (författare)
- Uppsala universitet,RISE,Datavetenskap,Uppsala University, Sweden,Datorteknik,RISE Research Institutes of Sweden, Stockholm, Sweden
-
visa färre...
-
(creator_code:org_t)
- Institute of Electrical and Electronics Engineers Inc. 2022
- 2022
- Engelska.
-
Ingår i: IEEE Access. - : Institute of Electrical and Electronics Engineers Inc.. - 2169-3536. ; 10, s. 129932-
- Relaterad länk:
-
https://doi.org/10.1...
-
visa fler...
-
https://uu.diva-port... (primary) (Raw object)
-
https://urn.kb.se/re...
-
https://doi.org/10.1...
-
https://urn.kb.se/re...
-
visa färre...
Abstract
Ämnesord
Stäng
- The vulnerabilities in deployed IoT devices are a threat to critical infrastructure and user privacy. There is ample ongoing research and efforts to produce devices that are secure-by-design. However, these efforts are still far from translation into actual deployments. To address this, worldwide efforts towards IoT device and software certification have accelerated as a potential solution, including UK’s IoT assurance program, EU Cybersecurity Act and the US executive order 14028. In EU, the Cybersecurity Act was launched in 2019 which initiated the European cybersecurity certification framework for Internet and Communications Technology (ICT). The heterogeneity of the IoT landscape with devices ranging from industrial to consumer, makes it challenging to incorporate IoT devices in the certification framework or introduce a European cybersecurity certification scheme solely for IoT. This paper analyses the cybersecurity certification prospects for IoT devices and also places article 54 of the EU Cybersecurity Act in an international perspective. We conducted a comparative study of existing IoT certification schemes to identify potential gaps and extract requirements of a candidate IoT device security certification scheme. We also propose an approach that can be used as a template to instantiate an EU cybersecurity certification scheme for IoT devices. In the proposed template, we identify IoT-critical elements from the article 54 of the Cybersecurity Act. We also evaluate the proposed template using the ENISA qualification system for cybersecurity certification schemes and show its qualification on all criteria.
Ämnesord
- TEKNIK OCH TEKNOLOGIER -- Elektroteknik och elektronik -- Datorsystem (hsv//swe)
- ENGINEERING AND TECHNOLOGY -- Electrical Engineering, Electronic Engineering, Information Engineering -- Computer Systems (hsv//eng)
- NATURVETENSKAP -- Data- och informationsvetenskap -- Datavetenskap (hsv//swe)
- NATURAL SCIENCES -- Computer and Information Sciences -- Computer Sciences (hsv//eng)
Nyckelord
- Conformity Assessment
- EU Agency for Cybersecurity (ENISA)
- EU Cybersecurity Act
- Internet of Things
- IoT Certification
- Security Certification Scheme
- Cyber security
- Security certification
- Software certification
- User privacy
- Cybersecurity
Publikations- och innehållstyp
- ref (ämneskategori)
- art (ämneskategori)
Hitta via bibliotek
Till lärosätets databas