Kiwa can help you. By taking the recent cybersecurity trends into account, Kiwa developed the Remote Access for Remote Services (RARS) scheme, also known as K21048. The RARS scheme is a collection of tests set up by Kiwa that focuses on all different kinds of systems that are connected to the internet; the so called Internet of Things (IoT). An alarm system is a clear example of this kind of product. Together we can create trust in the whole chain of your product and make sure it is future proof.
Remote access: the ability to access a network or computer from afar through the use of a network connection. It enables users to access the systems they need, whilst the users are not physically able to connect directly to it. In this way, it is possible to remotely perform certain actions and operations on systems. Because the hardware and software ecosystem are rapidly changing, the complexity of systems is also increasing. This means that the security risk becomes also higher because the products are collaborating between several components and have multiple factors that influence its overall safety.
Albeit the main concern is data safety, and privacy for the end-user, all the various mechanisms that make the product work and operate, need to meet a certain level of security in order for the whole product to be deemed secure. The RARS scheme offers a solution to this problem and forms a foundation of security whereupon you can build. By combining multiple areas of expertise within one scheme safety and security can be offered integrally.
Producers and manufacturers whom utilize technology to remotely operate or interact in any other way with IoT devices and Alarm Systems.
RARS Scheme: Safe and Secure
In the RARS scheme the following two main aspects are distinguished:
- Physical aspect:
Kiwa tests the quality of the physical product based on existing norms and standards. One can think of EMC, environmental and performance testing on sensors, cameras and panels. For example: how does a sensor react when we confront it with a strong electric shock?
In other words, with audits or reviews we check if the product meets a certain set of requirements (for various topics). Hereby the focus lies on the external qualities of the product.
- Non-Physical aspect:
To test and validate whether the non-physical parts of your product are safe, we check various aspects of your product: Is the application safe? How secure is your password? Where will your data be stored and how secure are the connections between the app and your systems?
As you can see the IoT technology and the software are central in the non-physical aspect wherein a set of tests will cover the requirements for a safe IoT or RARS system. By assessing and validating these aspects, we can guarantee that entering the system remotely will be safe and secure.
By splitting the topic in these two parts we are able to adequately test, inspect and certify the whole chain of IoT technology that is used in your product.
Why a RARS certificate?
When your product complies with the RARS scheme you as a manufacturer or producer can show your system, which is remotely accessible, is actually safe and secure. With the corresponding certificate, you can assure your customers your product is trustworthy, free from security flaws and future proof.
Examples of tests and requirements of the RARS scheme are:
- Checking the Software Development Lifecycle (SDLC)
- Observe security and privacy by design
- Examine password / credential policies
- Reverse engineering of the communication protocol
More information about the scope of our RARS scheme can be found in the brochure on the right end side. The diagram in this brochure elaborates on the RARS scheme using the example of alarm components.