
GE Appliances first to test devices with new UL IoT security rating
Introduced last year, UL’s IoT Security Rating is a security verification and labeling solution for consumer Internet of Things (IoT) products aimed at helping manufacturers and developers demonstrate the security due diligence of their products by leveraging proven security best practices and rating the security posture of IoT products. This, says the company, helps to improve the transparency of security with consumers and to assist them in making conscious and informed purchasing decisions.
As part of an ongoing engagement, the company says it is testing and assessing all connected products on the GE Appliances IoT security platform, including dishwashers, washers, dryers, refrigerators, ovens, water heaters, and water softeners to help demonstrate baseline security capabilities and protection of their consumer’s data at the appliance, on the GE Appliances mobile app, and in the cloud.
“For more than a century, UL has provided safety services to GE Appliances,” says Todd Denison, UL’s vice president and general manager for Appliances, HVAC and Lighting. “With the IoT Security Rating engagement, we have extended our support to GE Appliances in cybersecurity while contributing to their goal to prioritize consumer security for their smart products in the marketplace.”
The IoT Security Rating categorizes products according to an ascending five-level scale: Bronze, Silver, Gold, Platinum, and Diamond. Verified products receive a differentiated UL Verified Mark security label – specifying the achieved security level – and are evaluated on an ongoing basis by UL. The unique UL Verified Mark code can be accessed on the UL Verify website and the achieved UL Verified Mark can serve as a competitive differentiator for a manufacturer’s products and can be used on their products, packaging, marketing, and retail environments.
As part of the rating, products are assessed according to their implementation of vital baseline security capabilities that are aligned with global industry frameworks and best practices, such as the National Institute of Standards and Technology: Core Cybersecurity Feature Baseline for Securable IoT Devices; A Starting Point for IoT Device Manufacturers (draft NISTIR 8259), European Telecommunications Standards Institute: Cyber Security for Consumer Internet of Things (ETSI TS 103 645) and Council to Secure the Digital Economy: C2 Consensus on IoT Device Baseline Security (CSDE C2 Consensus).
The IoT Security Rating, says the company, also helps demonstrate security compliance for meeting the threshold of reasonable security features, as required of manufacturers in the first legally binding regulations for consumer IoT in the California and Oregon Cybersecurity Bills that went into effect January 1.
Related articles:
ETSI releases consumer IoT security standard
New UL standard to address augmented, virtual and mixed reality
Consumer IoT white paper predicts six big trends through 2025
IoT security web app lets users ‘spy’ on their smart home devices
