
Two levels of labeling


" IQS Standard " covers the security requirements for any IoT solution to achieve a level of resistance to state-of-the-art best practice attacks.
" IQS Advanced " is intended for IoT solutions that require a higher level of protection to ensure a higher level of protection for access data (keys) and user data. It takes the IQS Standard requirements and adapts and adds additional requirements.

The IQS Label
The "IoT Qualified as Secured" (IQS) labelling programme is offered by Atos Cybersecurity Services France to Internet of Things (IoT) players wishing to have the security level of their IoT solutions qualified by an independent third party.
A security requirements standard adapted to the IoT
The IQS Label is only awarded to IoT solutions that have demonstrated that they meet a set of published security requirements. It is a reliable indicator, allowing :
- designers to ensure that state-of-the-art requirements are taken into account;
- to objectively inform future purchasers of IoT solutions, whether individuals or professionals, about the security of connected objects and associated services.
The IQS label's security requirements standard covers the following themes:
- Protection of access to data, particularly user data and data for access to services associated with the IoT solution.
- Protection of data exchange with mobile applications or the cloud.
- Protection of the integrity of the connected object (firmware, configuration).
- Traceability of events.
- Object management: maintenance, initial configuration, updates and reset.
The guidelines, published on the label's website, cover the recommendations of the ANSSI and the ETSI EN 303645 standard for the topics addressed.
As part of the labelling programme, the designers of the IoT solution must provide a commitment for the duration of the label's validity (3 years) to ensure that the IoT solution is maintained in secure conditions (MCS) by committing to :
- Monitor published vulnerabilities in the hardware and firmware used.
- Inform users of the IoT solution of security vulnerabilities.
- Make available the necessary security patches to maintain the requirements (firmware update, configuration guide).
The designer also commits to the specific security requirements that he puts forward for the IoT solution.
Want to
know more?

Our IQS security requirements standard

Our labeling process
Every IoT device subject to labeling follows the quality benchmark: connected objects, communication protocols, servers reachable from the Internet and user applications.

Interested in validating your solution?
About Atos Digital Security
