Cybersécurité

Cybersecurity

CYBERSECURITY SERVICES FOR CONNECTED PRODUCTS

Wide portfolio of cybersecurity services available worldwide With the introduction and continuous expansion of the Internet of Things (IoT), the world becomes more and more connected. The combination of “smart” devices, mobile or web applications used to interact with them and cloud services allowing them connect with each other lead to the development of overlapped IoT ecosystems. Historically, the world of IoT products has been driven in the past years strongly by functionality. However, we are at a point where cybersecurity issues associated with these products are not theoretical anymore, and can very well impact the products that we use in our daily life. Currently, there are multiple internationally recognized standards, frameworks and certification schemes that could help manufacturers decide which set of security functionalities they would like to include into their products. For instance, the IEC 62443 family has become the reference standard for industrial cybersecurity, covering components and systems. ANSI UL 2900 is seen as a reference family for security in medical devices. ETSI EN 303 645 is a recently finalized standard seen as the main reference for consumer IoT products. Finally, ISO SAE 21434 is becoming a recognized standard for cybersecurity processes and functionalities in connected vehicles.

BUREAU VERITAS EXPANDS CYBERSECURITY OFFER WITH SECURA

Bureau Veritas has completed the acquisition of Secura B.V. (starting with a majority stake), an independent service company specializing in cybersecurity services. Secura will be a cornerstone in the cybersecurity strategy of Bureau Veritas. Discover the independent security assessments we provide to our customers in terms of cybersecurity of systems, assets and products against recognized standards. Infographics on BV cybersecurity services vEN

OUR SERVICES

Bureau Veritas is your partner in the world of product security evaluation, compliance and certification. Our portfolio of possible services includes a broad selection of standards and certification schemes, covering multiple product domains. Because of this, we define our services in line with Development, Support and Preparation, Compliance and Testing and Certification, for various types of connected products. This is summarized below.
CONSUMER IOT

Support and Preparation

– Design Reviews – Validation and Penetration Testing

Compliance and Testing

– ETSI EN 303 645 – P-SCAN (product vulnerability scanning)

Certification

– BV IoT Class 1 (CTIA 1) – BV IoT Class 2 (OWASP) – BV IoT Class 3 (ETSI EN 303 645) – Common Criteria Certification – Radio Equipment Directive (RED) – EUROSMART IoT Certification

MEDICAL DEVICES

Support and Preparation

– Design Reviews – Validation and Penetration Testing – Code Reviews – Processes Reviews

Compliance and Testing

– IEC 62443 compliance – UL 2900 compliance

Certification

– UL 2900 Certification – Common Criteria Certification – EU MDR Compliance Gap Analysis – FDA Compliance Gap Analysis

NETWORK PRODUCTS

Support and Preparation

– Design Reviews – Validation and Penetration Testing

Compliance and Testing

– IEC 62443 compliance

Certification

– Common Criteria Certification – BSPA Certification

CONNECTED VEHICLES

Support and Preparation

– Review of Processes and Consultancy in Drafting/Implementation – Workshops on Cybersecurity and Regulatory Requirements – Risk Assessments on Vehicles and Components – Penetration Testing of Components and Systems

Compliance and Testing

– ISO/SAE 21434 Compliance Gap Analysis

Certification

– UNECE Cybersecurity (R155) and Software Updates (R156) Compliance Gap Analysis – UNECE Cybersecurity (R155) and Software Updats (R156) Type Approval – Common Criteria Certification

INDUSTRIAL PRODUCTS

Support and Preparation

– Design Reviews – Validation and Penetration Testing – Review OD Development Processes – IEC 62443 Workshops

Compliance and Testing

– IEC 62443 Compliance gap Analysis

Certification

– IECEE certification (IEC 62443) – Common Criteria Certification