Audio and Video

CSA launches specification to unify IoT cybersecurity

18 March 2024

The Connectivity Standards Alliance (CSA) has launched the internet of things (IoT) device security specification 1.0, a bid to establish a unified cybersecurity standard and certification program for smart devices.

Called the IoT Device Security Specification 1.0, the goal is to provide manufacturers with a way to certify devices that comply with multiple international regulations and standards more easily.

The specification includes dozens of security provisions for IoT devices. Manufacturers must demonstrate compliance with these provisions, supplying justifications and evidence in security evaluation and experience when certifying IoT products.

The specification allows for:

  • Unique identity for each IoT device
  • No hardcoded default passwords
  • Secure storage of sensitive data on a device
  • Secure communications of security-relevant information
  • Secure software updates throughout the support period
  • Secure development process, including vulnerability management
  • Public documentation regarding security, including the support period

Why it is needed

As more consumer IoT devices are adopted, more incidents involving breaches and malicious device hijackings arise. To combat this, the CSA is working to consolidate the requirements from the three most popular IoT cybersecurity baselines from the U.S., Singapore and Europe. These will be added into a single specification and certification program.

The CSA said the effort will allow companies to address regulatory regimes’ requirements as well as give consumers and regulators confidence in the security of these IoT devices.

Nearly 200 member companies including Amazon, Arm, Comcast, Google, Infineon, NXP Semiconductors, Schneider Electric, Signify and Silicon Labs have pooled their related technologies and innovations into the specification and accompanying certification program.

To contact the author of this article, email

Powered by CR4, the Engineering Community

Discussion – 0 comments

By posting a comment you confirm that you have read and accept our Posting Rules and Terms of Use.
Engineering Newsletter Signup
Get the GlobalSpec
Stay up to date on:
Features the top stories, latest news, charts, insights and more on the end-to-end electronics value chain.
Weekly Newsletter
Get news, research, and analysis
on the Electronics industry in your
inbox every week - for FREE
Sign up for our FREE eNewsletter