What it means to be the world’s first IoT platform to earn UL cybersecurity certification

This past week, the world learned how critical basic cybersecurity can be.

The exploitation of unpatched computers, for example, is a cautionary tale of critical operations crippled by ransomware, something that could have been avoided if security updates that were available from the software vendor had been fully deployed.

One of the fathers of the Internet, Vint Cerf, has warned that just slapping together open source code and operating systems without integrating a rigorous IoT-specific security regime is a recipe for disaster — a statement borne out by the continuing evolution in the sophistication of malware targeting embedded Linux systems, following on from the infamous Mirai botnet. Such malware is becoming more powerful and insidious with every generation.

The political rhetoric is heating up as well. The US Director of National Intelligence recently warned of a future where insecure IoT devices will impact everything from global intelligence operations to computer networks, public and private.

At some point, we all have to get real about IoT security.

At Electric Imp, we have always been serious about cybersecurity and protecting our customers’ connected devices.

That is why we’re extremely proud to announce that the Electric Imp Platform is the first IoT platform to be independently certified to UL® 2900-2-2 (Standard for Software Cybersecurity for Network-Connectable Devices, Part 2-2: Particular Requirements for Industrial Control Systems).

In addition, the Electric Imp Platform is the first IoT platform that enables product manufacturers and customers to take advantage of the new UL Certified Cybersecurity Software Implementation Solution. Many Electric Imp customers have expressed concern about their lack of engineering resources and expertise, time for documentation and testing, and other costs and fees required to gain certifications. That time, effort and cost are all significantly cut now that our customers only need certify the incremental parts of their product not already included in the comprehensive, pre-certified Electric Imp Platform.

“I’m pleased to see that Electric Imp has proactively received UL 2900-2-2 certification for the cybersecurity of their IoT platform,” states Rachna Stegall, director of connected technologies at UL. “UL 2900-2-2 testing criteria is for Industrial Control Systems to assess software vulnerabilities and weaknesses, minimize exploitation, address known malware and review security controls. Software developers and product manufacturers that select a UL certified platform, and also get their product UL certified, have greater peace of mind in their cyber due diligence.”

At Electric Imp, we’re always looking for ways to make connecting to the Internet easier, more affordable and even more secure. With UL 2900-2-2 certification and the new Certified Cybersecurity Software Implementation Solution, product and service companies that build on the Electric Imp Platform effectively do their cyber due diligence as well. The result is that their customers and distributors can tap the advantages of IoT with confidence.

See the full press release for more details.

Hugo Fiennes,
CEO and co-founder,
Electric Imp

Electric Imp Blog

Leave a Reply

Your email address will not be published. Required fields are marked *