Cybersecurity Testing and Certification

As the number and diversity of Internet of Things (IoT) devices continue to grow rapidly, assuring the security of these devices is of paramount importance. Through the Ericsson Cybersecurity Testing and Certification program Ericsson offers comprehensive testing to help safeguard IoT devices from growing cybersecurity threats enabling our customers to build with confidence more secure wireless IoT ecosystems.
Ericsson provides cybersecurity testing certification of devices according to industry standards as well as in accordance with standards and regulatory bodies such as GSMA, CTIA and national regulation.
Ericsson provides cybersecurity testing services per the Cellular Telecommunications Industry Association (CTIA) approved test plan and requirements. Ericsson is accredited as a CTIA Authorized Test Lab (CATL) and we are pleased to offer this industry leading capability to our customers. Once testing is complete Ericsson will provide a final report detailing the results of the CTIA cybersecurity testing and register the device within the CTIA cybersecurity certification database.
The benefits of the CTIA Cybersecurity Testing and Certification program for IoT devices include:
  • Test IoT devices per the CTIA cybersecurity test plan in a CTIA authorized test lab
  • Test IoT devices for common cybersecurity vulnerabilities
  • Provide peace-of-mind regarding the cybersecurity performance of tested IoT devices
  • Test IoT devices on LTE and/or Wi-Fi
  • Provide a final report detailing the results of the CTIA cybersecurity testing
  • Register the IoT device within the CTIA cybersecurity certification database upon passing the CTIA approved cybersecurity test plan
In the news CTIA Cybersecurity Downloads Ericsson Security
Ericsson is accredited as a CTIA Authorized Test Lab (CATL) and we are pleased to offer this industry leading capability to our customers.
Per CTIA guidelines, IoT devices are classified into three categories.
Ericsson performs tests on devices in accordance with these three catogories and provides a final report detailing the results of the CTIA cybersecurity testing along with registering the device within the CTIA cybersecurity certification database.
The three CTIA device categories are defined as follows:
 
Category 1
Terms of Service and Privacy Policies, Password  management, Authentication, Access Controls, Patch  management and Software Upgrades.
Examples of devices in this category: In-home Cellular Personal ERS, Traffic Monitor, Consumer Drone, GPS Tracker, GPS Dog Collar
 
Category 2
Includes all Category 1 IoT elements plus the following: Audit Log, Encryption of Data in Transit, Multi-Factor authentication, Remote Deactivation, Secure Boot, Threat Monitoring and IoT Device Identity.
Examples of decvices in this category:  Connected Streetlight, Security Controller, Industrial Router, Security Consol, Mobile Payment Devices
 
Category 3
Includes all Category 1 and Category 2 IoT features plus the following additional security features: Encryption of Data at Rest, Digital Signature Generation and Validation, Tamper Evidence and Design-In Features
Examples of devices in this category: Perishable goods tracking device, Water, Gas, Electricity meters, Blood glucose monitoring meter, Industrial LTE gateway, Secure services gateway