Skip to main content

Certification Levels in RAL ETSI EN 303 645

Let's explore the certification levels in the RAL ETSI EN 303 645, tailored for IoT suppliers like you. Here's a detailed look at each level

Updated over a year ago

Self-Assessment Level:

  • πŸ“’ Declaration: You publicly declare that your product meets security requirements.

  • Process: You assess your product internally against the set security standards.

🀩 Advantage 🀩
​Provides a starting point for demonstrating your commitment to cybersecurity.

Enhanced Level:

  • πŸ“– Validation: You provide evidence that your product is secure.

  • Process: A Third-Party Assessor reviews your technical documentation to confirm compliance.

🀩 Advantage 🀩
​Increases customer confidence by offering external validation of your product's security claims.

Substantial Level:

  • πŸ” Rigorous Examination: A Third-Party Assessors conduct a thorough examination of your product.

  • Process: Third-party assessors review your product's design, perform vulnerability assessments, and conduct functional testing.

🀩 Advantage 🀩
​Assures customers that your product can withstand basic cyber threats and attacks from less skilled adversaries.

High Level:

  • πŸ§ͺ Comprehensive Evaluation: Your product faces the most stringent evaluation.

  • Process: Third-party assessors conduct penetration testing to assess resistance against skilled attackers.

🀩 Advantage 🀩
​Demonstrates your product's resilience against advanced cyber-attacks by highly skilled adversaries.

Each level represents a progressive step towards demonstrating the security robustness of your IoT products. From internal assessments to comprehensive third-party evaluations, the goal remains to ensure your products are equipped to handle cyber threats effectively.

Related Articles
IoT Product Assessment Process for Red Alert Labs (RAL) ETSI EN 303 645
Did this answer your question?