Brightsight thumbs up to provide IoT security certification

  • November 6, 2024
  • Steve Rogerson

SGS subsidiary Brightsight has been recognised by GlobalPlatform as a Security Evaluation Standard for IoT Platforms (SESIP) certification body.

SESIP is an optimised security evaluation method for IoT platforms and components. Recently adopted by CEN and CENELEC as European standard EN 17927:2023, it is the cornerstone of EU cyber-security legislation. Based on the ISO 15408 Common Criteria standard, it is tailored for the IoT market and offers advantages such as re-usability, composition and mapping with IoT vertical standards.

The ability to provide this certification service strengthens Brightsight’s position as a cyber-security laboratory, with a one-stop-shop for evaluations and certification.

Brightsight is now fully equipped to issue SESIP certification levels one to three worldwide for IoT platforms and components. Services include new certificate issuance valid for up to two years, or until the product undergoes security-related changes, and certificate renewal to ensure continued certification validity.

“This achievement strengthens our value proposition, positioning us as a comprehensive, one-stop for cyber-security evaluations and certifications,” said Sergio Casanova, CTO of Brightsight. “While our cyber-security evaluation services [ITSEF] and certification body functions remain strictly independent, this focused approach enables us to streamline the evaluation and certification process, while maintaining the highest standards of integrity, impartiality and independence. This allows us to effectively address the full spectrum of our clients’ security needs.”

Gil Bernabeu, chief technology officer at GlobalPlatform, added: “The addition of Brightsight as a GlobalPlatform SESIP certification body further validates SESIP as a globally recognised security evaluation framework. This milestone accelerates our mission to enhance the certification of software and hardware components in secure IoT devices, enabling manufacturers to demonstrate compliance with international cyber-security regulations. Achieving ISO/IEC 17065 accreditation from a national accreditation body for SESIP is a critical element of SESIP governance and paves the way for mutual recognition of SESIP certificates across all GlobalPlatform certification bodies. This development strengthens the SESIP ecosystem and underscores GlobalPlatform’s commitment to advancing and governing robust IoT security standards worldwide.”

Brightsight (www.brightsight.com) joined the SGS testing, inspection and certification company in 2021. It has 40 years of experience in cyber-security evaluations and a growing global network of specialist testing facilities.

GlobalPlatform (globalplatform.org) is a technical standards organisation that facilitates the efficient deployment and management of secure-by-design digital services and devices, delivering end-to-end security, privacy, simplicity and convenience to users.