IQS Program

Labeling program dedicated to smart devices security

Discover our label

Two levels of labeling

" IQS Standard  "  covers the security requirements for any IoT solution to achieve a level of resistance to state-of-the-art best practice attacks.

" IQS Advanced " is intended for IoT solutions that require a higher level of protection to ensure a higher level of protection for access data (keys) and user data. It takes the IQS Standard requirements and adapts and adds additional requirements.

The IQS Label

The "IoT Qualified as Secured" (IQS) labelling programme is offered by Atos Cybersecurity Services France to Internet of Things (IoT) players wishing to have the security level of their IoT solutions qualified by an independent third party.

A security requirements standard adapted to the IoT

The IQS Label is only awarded to IoT solutions that have demonstrated that they meet a set of published security requirements. It is a reliable indicator, allowing :

  • designers to ensure that state-of-the-art requirements are taken into account;
  • to objectively inform future purchasers of IoT solutions, whether individuals or professionals, about the security of connected objects and associated services.

The IQS label's security requirements standard covers the following themes:

  • Protection of access to data, particularly user data and data for access to services associated with the IoT solution.
  • Protection of data exchange with mobile applications or the cloud.
  • Protection of the integrity of the connected object (firmware, configuration).
  • Traceability of events.
  • Object management: maintenance, initial configuration, updates and reset.

The guidelines, published on the label's website, cover the recommendations of the ANSSI and the ETSI EN 303645 standard for the topics addressed.

As part of the labelling programme, the designers of the IoT solution must provide a commitment for the duration of the label's validity (3 years) to ensure that the IoT solution is maintained in secure conditions (MCS) by committing to :

  • Monitor published vulnerabilities in the hardware and firmware used.
  • Inform users of the IoT solution of security vulnerabilities.
  • Make available the necessary security patches to maintain the requirements (firmware update, configuration guide).

The designer also commits to the specific security requirements that he puts forward for the IoT solution.

Want to
know more?

Our IQS security requirements standard

Our framework is based on best practice in security and feedback from Atos Digital Security during its audits.
Learn more

Our labeling process

Every IoT device subject to labeling follows the quality benchmark: connected objects, communication protocols, servers reachable from the Internet and user applications.

Learn more

Interested in validating your solution?

Contact us

About Atos Digital Security

Atos Digital Security, the first European CERT™ partly dedicated to connected objects, employs 450 consultants and experts with multiple certifications. Its services cover the fields of auditing, consulting, training, integration and operation (service centres) of security solutions. Atos Digital Security brings together proven know-how and rare expertise (radio frequencies, electronics, SOC, IAM, DLP, PKI, etc.), and has an IoT laboratory that allows theevaluation of connected solutions and the issuing of a labelIt is also active in monitoring and R&D, resulting in numerous publications and contributions to national and international research projects.
Discover our labeled solutions