EN 17927:2023

Security Evaluation Standard for IoT Platforms (SESIP). An effective methodology for applying cybersecurity assessment and re-use for connected products. EN 17927:2023

General information

Current stage: 60.60 Standard published Nov 8, 2023

Originator: CEN/CENELEC

Owner: CEN/CLC/JTC 13 Cybersecurity and Data Protection

Type: European Norm

ICS: 35.030 IT Security | 35.240.95 Internet applications

Scope

This document describes a cybersecurity evaluation methodology, named SESIP, for components of connected ICT products. Security claims in SESIP are made based on the security services offered by those components. Components can be in hardware and software. SESIP aims to support comparability between and reuse of independent security evaluations. SESIP provides a common set of requirements for the security functionality of components which apply to the foundational components of devices that are not application specific. The methodology describes the re-use of evaluation results.

Related legislation

Legislation related to this standard

2014/53/EU

Directive 2014/53/EU of The European Parliament and of the Council of 16 April 2014 on the harmonisation of the laws of the Member States relating to the making available on the market of radio equipment and repealing Directive 1999/5/EC

Legislation 2014/53/EU

2019/881

Life cycle

NOW

PUBLISHED
EN 17927:2023
60.60 Standard published
Nov 8, 2023