Multi-stage successful testing of IoT devices by TÜV TRUST IT GmbH, part of the TÜV AUSTRIA Group.
Security and trustworthiness are among the key quality features of IoT devices. Bosch has received a Trusted IoT Device certification from TÜV TRUST IT for the components of its Smart Home Security Starter Package, as this product exemplarily combines functionality, data protection, and information security.
Bosch’s global operations are divided into four business sectors: Mobility Solutions, Industrial Technology, Consumer Goods, and Energy and Building Technology. With its diverse fields of activity, Bosch is also active in the Internet of Things (IoT) sector and offers Smart Home solutions. These allow customers to automatically monitor and control regular routines at home.
However, as internet-based IoT devices become more interconnected, they also present greater attack surfaces for unauthorized access. Therefore, it is essential to have these devices reviewed by an independent lab and to pay close attention to their security quality during development. Bosch commissioned TÜV TRUST IT to certify its “Smart Home Security Starter Package.” In addition to the Smart Home Controller as the central control unit, the package includes motion detectors, smoke detectors, and wireless door/window contacts. Together, these components provide essential protection against burglary and fire. The system is operated via an app.
To ensure the security and trustworthiness of these IoT products, they were tested based on the TÜV TRUST IT “TÜV Trusted IoT Device” catalog. This was done through a multi-stage process. First, a security analysis of the product concepts was conducted. The functions of the underlying software and hardware architecture were evaluated against relevant security recommendations, recognized references, and best practices.
The second phase involved an app analysis on Android and iOS platforms. The evaluation was based on context-specific, threat-oriented requirements. The app was semi-automatically checked for existing vulnerabilities and potential attack vectors. In the third step, a black-box security analysis of the Smart Home Controller and the three other end devices was carried out. To assess the devices’ security against attackers in the local network, a penetration test was conducted by a TÜV TRUST IT test team that was not involved in the concept review and therefore had no insider knowledge.
“The Smart Home Security Starter Package from Bosch is an exemplary IoT device that clearly demonstrates how functionality, data protection, and information security can be successfully combined,” says Hendrik Dettmer, Head of the IoT Security Lab at TÜV TRUST IT, evaluating the certification result as a “TÜV Trusted IoT Device.” “The solution’s architecture is well-designed from a security perspective, and the confidentiality of customer data is ensured,” he emphasizes.
“Data security and privacy are top priorities at Bosch Smart Home, which is why we ensure maximum security. We are therefore pleased that this has now been confirmed by the TÜV certificate from a respected independent testing institute,” says Heiko Füllemann, responsible for portfolio management at Bosch Smart Home.