Security certification for connected lighting
Signify has been awarded the security certification for its connected lighting development process (IEC62443-4-1) by DEKRA. This confirms that the company's development of connected lighting systems is based on a certified secure development process and illustrates the company’s leadership in embedding security in all aspects of its innovations, products, systems, and services.
Central elements of the IEC62443-4-1 certification are a threat analysis based on the use case scenario and a product development process which ensures that all identified security requirements are implemented, verified, tested, and documented with traceability. Signify has satisfied all requirements in this process. In addition, Signify has demonstrated its ability to react fast and appropriately to newly discovered security vulnerabilities and publish security updates in a reliable manner.
International expert organization DEKRA evaluated Signify’s development process on the IEC 62443-4-1 fundamental security requirements. “We are proud to award the IECEE CB and DEKRA SEAL certification to Signify. As global partner for a safe and connected world, we know that security is key in today’s world. The IEC 62443 standards are the perfect tools to ensure safety and security at work, home and on the road,” said Bram Holtus, Managing Director of DEKRA Certification B.V.
Signify meets all requirements set out in the standard by rigorously following its Signify Security Development Lifecycle (SDL) in all internal and external development activities. Major components of the SDL are a security risk analysis and threat modelling, code analysis verification and validation testing, and continuous vulnerability management.
“Connected lighting systems are core to our business and our future. This DEKRA certification is testament to our commitment to provide our customers with the most secure connected lighting products, systems and services. All of which are built on a strong foundation of industry standards, governance, and procedures,” added Harsh Chitale, Business Group Leader Professional at Signify. “As a growing group of businesses and governments are implementing connected technologies, maintaining the highest standards of security are both crucial and invaluable to us.”
Connected lighting systems combine connected luminaires, sensors, and other lighting system devices with Signify’s Interact software and services. Because they embed two-way data communications, connected lighting system devices participate in the Internet of Things (IoT).
As connected lighting systems become more deeply embedded in core building and street lighting networks, security implementations, processes and responsibilities are more crucial and therefore more valuable.
Interact employs state-of-the-art cyber security measures at all layers of the system architecture. From secure system development, to device, network and cloud security, system monitoring, and secure device updates.