Choose another country to see content specific to your location

//Select a site

Cybersecurity Labelling Scheme from Cyber Security Agency of Singapore (CSA)

With the rapid increase in users of Internet of Things (IoT) products and improvements to IoT technology, many consumer IoT products have been designed to optimise functionality and short go-to-market period. Due to the fast rate of launching IoT products, there many not have been many checks in these products for cybersecurity and products might have little to no security features built-in. This gap gives hackers an opportunity to attack such product and gain access to consumers’ information and data.

WHAT IS THE CYBER SECURITY AGENCY OF SINGAPORE’S CYBERSECURITY LABELLING SCHEME?

As an effort to improve the IoT cybersecurity, the Cyber Security Agency of Singapore (CSA) has launched the Cybersecurity Labelling Scheme (CLS) for consumer smart devices. This will help to raise the overall cybersecurity hygiene levels in smart devices and better secure the cyberspace of Singapore. CSA has introduced the CLS to Wi-Fi routers and smart home hubs as a start. In Jan 2021, CSA has expanded the scheme to cover all type of consumer IoT devices. To encourage adoption of the scheme, CSA will be waiving application fees for the CLS up till 6 October 2021.

Under the CLS, there are 4 levels of cybersecurity provisions that the smart devices can be rated into. The CLS is represented by one, two, three, or four asterisks corresponding to level 1 through 4. Each additional asterisk represents an additional level of testing and assessment that the smart devices has comply with.

Below is a breakdown of the cybersecurity provisions for each level:

  • Level 1 - The product meets basic security requirements such as ensuring unique default passwords and providing software updates.
  • Level 2 - The product has been developed using the principles of Security-by-Design such as conducting threat risk assessment, critical design review and acceptance tests, and fulfilled Level 1 requirements.
  • Level 3 - The product has undergone assessment of software binaries by approved third-party test labs, and fulfilled Level 2 requirements.
  • Level 4 - The product has undergone structured penetration tests by approved third-party test labs and fulfilled Level 3 requirements.

WHY IS CLS IMPORTANT?

As most consumers do not understand the technicalities and the information on the amount of cybersecurity that is built into smart devices is not readily available, consumers are not able to make informed decisions when buying such smart devices. With the introduction of CLS, consumers are able to understand the level of cybersecurity measures that is built into the smart devices. The CLS will be an important benchmark to consumers on the security of smart devices when they are making purchase decisions.

WHY CHOOSE TÜV SÜD FOR CSA'S CLS?

TÜV SÜD can facilitate and review your smart devices based on CSA's CLS levels 1 to 4. We have a well-versed team that is familiar with the security requirements and evaluation of various consumer IoT products. TÜV SÜD's team is able to access global expertise and tools in the cybersecurity test requirements and provide the option of expanding accessibility to global markets. 

We are a one stop solution for your testing and certification needs with services that expand beyond security. 


YOUR BENEFITS AT A GLANCE

  • Gain competitive edge – by complying to the CSA requirements for smart devices and allow consumers to understand the cybersecurity of the your product.
  • Minimise risks – by testing your smart devices according to an established cybersecurity guideline from the Singapore government.
  • Proof of quality – by using the CLS mark to signal the cybersecurity of your smart devices to the consumers.

EXPLORE

Consumer IoT Security
Stories

Consumer IoT Security

How can we ready ourselves in the face of cyber attacks?

Learn more

Smart safe secure

Smart, safe and secure

Capitalise on new opportunities with our smart home testing and certification services

Download

Consumer Products and Retail Essentials
E-ssentials

Consumer Products & Retail E-ssentials

Consumer trust is key when you manufacture or retail products that are part of everyone’s daily life

Learn more

Digital payments

Digital payments

Ensure compliance of EMV and other schemes for cards, terminals and devices

Download

Wearable Devices
White paper

Wearables: Safety beyond compliance

Understand the tests needed for the safety and reliability aspects

Learn more

VIEW ALL INDUSTRY RESOURCES

Next Steps

Site Selector

Global

Americas

Asia

Europe

Middle East and Africa