The world is changing. More and more innovative products are being developed with the ability to connect to the Internet, with the number of connected devices expected to experience major growth over the next few years. Smart home technologies — sensors, monitors, interfaces, appliances and devices networked together to enable home automation[1] — are a big part of this emerging trend. They promise many advantages, including increased efficiencies and security. However, many consumers are reluctant to adopt such technologies due to cyber safety and security concerns.  Manufacturers need to gain consumer confidence in order to successfully bring their smart products to the market. Third-party cybersecurity testing and evaluation can help remove some of the apprehension that consumers may have.

Balancing risks and benefits

Increased adoption of smart home technologies comes down to potential users recognizing the many benefits and determining acceptable levels of risk.[2] Understanding how the benefits can outweigh the potential risks can help them gain confidence in connected technologies.

Energy management is a clear benefit of smart home technologies. For example, smart thermostats and lighting enable users to control temperature, light and humidity, and manage consumption through smartphones, tablets, laptops, PCs or wall-mounted controls.[3] Smart refrigerators are also now WiFi-enabled, allowing users to monitor power usage, get alerts if the door has been left open, and program the unit to take advantage of reduced power rates.[4] Likewise, Wi-Fi-connected ranges allow users to program and control oven settings, cook times and temperatures, and check to see if the cooktop is on, all from an app.[5] With each of these smart home technologies, consumers can realize major energy and cost savings.

Improved security is another advantage of smart home technologies, with smart security systems giving users the ability to monitor the comings and goings of guests, lock doors and arm security systems, all from the convenience of a smartphone. These systems can also send alerts when suspicious activity is detected.[6]

It’s ironic, though, that security — more specifically, cybersecurity — is one of the major risks identified by consumers and, therefore, a barrier to the adoption of smart home technologies. The fear: anytime a new device is connected to the Internet, it becomes possible for someone to access it[7] and, therefore, makes the consumer’s network more susceptible to hackers.

There is, however, a way to help overcome this barrier. Manufacturers need to take measures to ensure that consumer privacy and security are a priority. If these security risks are addressed by the product developer, the benefits of implementing the manufacturer’s smart and connected technologies will far outweigh the risks, and consumer confidence will grow.

Addressing cyber safety concerns

Third-party testing and evaluation can help validate and verify security features of  smart home technology products, which may help increase consumer confidence in the products that have been tested and, as a result, increase the adoption of these products.

CSA Group can help. As a leading global provider of testing, inspection and certification services, CSA Group recognizes the importance of demonstrating the safety and security of connected products to stakeholders, and is committed to helping manufacturers mitigate the risks involved with having Internet-enabled connections between everyday products.

Through its Cybersecurity service, CSA Group works closely with manufacturers to develop tailored solutions that help identify potential issues. At the same time, this service helps manufacturers implement security measures to reduce the chance of intrusion into their equipment or systems.

CSA Group’s Cybersecurity service focuses on four key activities: gap analysis, security development lifecycle assurance, embedded device security assurance, and bench testing.

  • Gap analysis helps to determine the overall areas of cybersecurity weakness in products or processes, and helps identify necessary improvements.
  • Security Development Lifecycle (SDLC) assurance helps manufacturers stay one step ahead of potential security threats by addressing them early in the product lifecycle — even before production begins. An SDLC demonstrates that a business has implemented and uses a product development lifecycle in which cybersecurity is considered at all phases — from design to decommission. It also demonstrates a manufacturer’s capability to supply secure products that conform to the requirements of the IEC 62443 cybersecurity standard – initially developed for industrial control systems but applicable to smart home/smart building systems
  • Embedded Device Security Assurance (EDSA) is designed to assure customers that their embedded devices have been subject to formal evaluation and testing, and meet ISA Secure EDSA specifications. EDSA includes the Functional Security Assessment (FSA), the Software Development Security Assessment (SDSA), and the device Communication Robustness Testing (CRT).
  • Bench testing tests against the Common Weakness Enumeration (CWE) database, product robustness and resilience against known cyber-attacks. In addition, it includes additional security testing such as penetration testing and source code analysis.

Breaking down barriers to adoption

 Third-party testing by a reputable and highly reliable organization like CSA Group enables product manufacturers, particularly those without the capacity or in-house testing expertise, to get their products tested by leading industry experts. And, equally important, it provides the confidence and assurance that they need to bring their products to market. At the same time, it breaks down a major barrier to consumer adoption. If manufacturers can prove that their products have been tested and evaluated by a third-party, consumers will have confidence in that manufacturer’s product, giving them a major competitive advantage.