UL Assessment to Verify Security Claims of GE Appliances’ Connected Products Meeting Critical Cybersecurity Benchmarks

By Chantal Polsonetti

Category:
Company and Product News

UL announced that GE Appliances is the world’s first household appliance brand to test its connected products against the UL IoT Security Rating assessment.

 The IoT Security Rating is a security verification and labeling solution for consumer Internet of Things (IoT) products.  This solution aims to help manufacturers and developers demonstrate the security due diligence of their products by leveraging proven security best practices and rating the security posture of IoT products.  This helps to improve the transparency of security with consumers and to assist them in making conscious and informed purchasing decisions.

As part of an ongoing engagement, UL is testing and assessing all connected products on the GE Appliances IoT security platform, including dishwashers, washers, dryers, refrigerators, ovens, water heaters and water softeners to help demonstrate baseline security capabilities and protection of their consumer’s data at the appliance, on the GE Appliances mobile app and in the cloud.

As part of UL’s IoT Security Rating, products are assessed according to their implementation of vital baseline security capabilities.  Those security capabilities are aligned with global industry frameworks and best practices, such as the National Institute of Standards and Technology: Core Cybersecurity Feature Baseline for Securable IoT Devices; A Starting Point for IoT Device Manufacturers (draft NISTIR 8259), European Telecommunications Standards Institute: Cyber Security for Consumer Internet of Things (ETSI TS 103 645) and Council to Secure the Digital Economy: C2 Consensus on IoT Device Baseline Security (CSDE C2 Consensus).

 UL’s IoT Security Rating also helps demonstrate security compliance for meeting the threshold of reasonable security features, as required of manufacturers in the first legally binding regulations for consumer IoT in the California and Oregon Cybersecurity Bills that went into effect January 1.

 

Engage with ARC Advisory Group