Labeling program dedicated to smart devices security
Two levels of labeling
" IQS Standard " covers the security requirements for any IoT solution to achieve a level of resistance to state-of-the-art best practice attacks.
" IQS Advanced " is intended for IoT solutions that require a higher level of protection to ensure a higher level of protection for access data (keys) and user data. It takes the IQS Standard requirements and adapts and adds additional requirements.
The IQS Label
The "IoT Qualified as Secured" (IQS) labelling programme is offered by Atos Cybersecurity Services France to Internet of Things (IoT) players wishing to have the security level of their IoT solutions qualified by an independent third party.
A security requirements standard adapted to the IoT
The IQS Label is only awarded to IoT solutions that have demonstrated that they meet a set of published security requirements. It is a reliable indicator, allowing :
- designers to ensure that state-of-the-art requirements are taken into account;
- to objectively inform future purchasers of IoT solutions, whether individuals or professionals, about the security of connected objects and associated services.
The IQS label's security requirements standard covers the following themes:
The guidelines, published on the label's website, cover the recommendations of the ANSSI and the ETSI EN 303645 standard for the topics addressed.
As part of the labelling programme, the designers of the IoT solution must provide a commitment for the duration of the label's validity (3 years) to ensure that the IoT solution is maintained in secure conditions (MCS) by committing to :
The designer also commits to the specific security requirements that he puts forward for the IoT solution.
Our IQS security requirements standard
Our labeling process
Every IoT device subject to labeling follows the quality benchmark: connected objects, communication protocols, servers reachable from the Internet and user applications.