Press Release: The first Hungarian cybersecurity laboratory has been established under the IECEE CB scheme

PRESS RELEASE

‍

CCLab Ltd. has successfully completed the CBTL audit and obtained authorization as a CB Testing Laboratory (CBTL) under the international IECEE CB scheme. Based in Hungary,  CCLab successfully extended its cybersecurity testing, evaluation, and certification capabilities officially on 24th May, 2024, for consumer IoT devices compliant with ETSI EN 303 645 and industrial automation and control systems specialized in IEC 62443-4-1 /4-2 standards within the IECEE CB scheme. Certificates issued under the CB scheme are currently accepted in over 50 countries.

CCLab Ltd., in collaboration with QIMA Germany, is one of the first international National Certification Bodies (NCB)  and CB Testing Laboratories (CBTL) to receive accreditation under the IECEE (International Electrotechnical Commission System for Conformity Testing and Certification of Electrical Equipment) CB (Certification Bodies) scheme for ETSI EN 303 645  standard - “Cybersecurity for Consumer IoT devices (CIoT)”- as well as the IEC 62443-4-1 and 4-2 standards for industrial automation and control systems. The IECEE CB scheme now officially recognizes CCLab to conduct tests according to the relevant standards for CIoT products or industrial control systems, and to issue CB certificates and test reports on compliance with the standards above. CB Scheme is the largest certification system for electrical devices, where the certificates are accepted in more than 50 member countries.

ETSI EN 303 645 is a globally recognized standard that defines critical cybersecurity requirements for consumer IoT devices and serves as the basis for developing IoT certification schemes in various regions.

Compliance with the standard involves the evaluation of 33 provisions during the device’s cybersecurity assessment by the testing laboratory, based on the 3 documents specified in the standard. These documents include the Implementation of eXtra Information for Testing (IXIT), Implementation Conformance Statement (ICS), and Device Under Test (DUT), where the latter provides detailed information for the tested device’s identification.

IEC 62443 is an international series of standards that regulates the cybersecurity of industrial automation and control systems (OT, Operational Technology). Sub-parts 62443-4-1 and 62443-4-2 of IEC 62443, collectively define technical guidelines for improving the cybersecurity of industrial control systems.

Part 4-2 of the IEC 62443 contains the cybersecurity requirements for control systems and components, while Part 4-1 specifies the requirements for the secure development life cycle of these products.  The standard family helps protect industrial systems by providing measures for defending against cybersecurity threats and ensuring compliance.

The IECEE CB scheme provides a global framework for mutual acceptance of test reports and certificates regarding the safety of electrical and electronic components, equipment, and products at an international level.  The scheme facilitates the entry of products with CB certification and test reports into global markets, significantly reducing manufacturers’ costs and easing international trade.

Through inclusion in the CB scheme, CCLab has further expanded its service portfolio for cybersecurity evaluation and certification of the aforementioned categories, offering even greater value to its clients. Cybersecurity is a horizontal requirement category, like EMC, within the CB scheme that can be applied to every connected device. Thanks to services according to ETSI EN 303 645 and IEC 62443-4-1/4-2 standards, the tested products can get internationally recognized certification, guaranteeing compliance with the latest cybersecurity requirements for protecting sensitive data, users and the environment.