Skip to Main content Skip to Navigation
Conference papers

Towards Cybersecurity Act: A Survey on IoT Evaluation Frameworks

Abstract : On the 7 th of June 2019, the Cybersecurity Act was adopted by the European Union. Its objectives are twofold: the adoption of the permanent mandate of ENISA and the definition of a European cybersecurity certification framework, which is essential for strengthening the security of Europe's digital market. Delivered certificates according to this scheme will be mutually recognized among European countries. The regulation defines three certification levels with increasing requirements. Among them, the "basic level" which typically targets noncritical, consumer objects (e.g.,smart-home or "gadget" IoT). Yet, various evaluation and certification schemes related to the IoT already exist prior to the adoption of the Cybersecurity Act. Thus, discussions are being carried on at the moment of redaction in order to either choose an existing scheme or to design a unified scheme based on existing ones. In this paper, we focus on the basic level, and assemble a survey on existing evaluation and certification schemes for consumer IoT and compare them based on various criteria. Then, we propose a unified evaluation scheme for the basic level driven by Bureau Veritas, based on existing schemes.
Complete list of metadata
Contributor : Maxime Puys Connect in order to contact the contributor
Submitted on : Monday, November 23, 2020 - 1:58:58 PM
Last modification on : Sunday, June 26, 2022 - 12:32:46 AM
Long-term archiving on: : Wednesday, February 24, 2021 - 7:17:20 PM


Files produced by the author(s)


  • HAL Id : cea-03019512, version 1



Maxime Puys, Jean-Pierre Krimm, Raphaël Collado. Towards Cybersecurity Act: A Survey on IoT Evaluation Frameworks. SECURWARE 2020 - The Fourteenth International Conference on Emerging Security Information, Systems and Technologies, Nov 2020, Valence, Spain. ⟨cea-03019512⟩



Record views


Files downloads