research Archives - Dossproject


DigiCert 2024 State of Digital Trust Report

The DigiCert 2024 State of Digital Trust Report examined four specific digital trust areas, one of them being IoT & Connected Devices. Survey participants represented companies that manufactured and sold IoT devices or connected devices to customers. 93% of those surveyed had experienced data breaches. Many of these occurred because…

The UK Product Security and Telecommunications Infrastructure (PSTI) Regulation comes into force on 29 April 2024

The PSTI applies to all “internet connectable products” and “network connectable products” (together “relevant connectable products”), except for “exempted products”. While the definition of relevant connectable products is rather complex, all M2M, IoT products, including connected vehicles and smart TV as well as home Wi-Fi routers belong in the scope. The PSTI…

The Federal Communications Commission approves “U.S. Cyber Trust Mark” labeling program for consumer IoT products

On 14. March 2024, the US Federal Communications Commission (FCC) approved, based on criteria developed by the NIST, a voluntary program that would create a cybersecurity label for consumer IoT and smart devices, like (not limited to) home security cameras, voice-activated shopping devices, internet-connected appliances, fitness trackers, garage door openers,…

DOSS Project Newsletter No. 1

This is the 1st edition of the DOSS Newsletter. In this issue, we provide a brief insight into the initial progress of our work. We only started the project in September 2023, but we already made substantial progress in terms of the analysis of standards and industry specifications, threat analysis,…

First Union Rolling Work Programme for European cybersecurity certification

On 7. February 2024, the Commission published the first Union Rolling Work Programme for European cybersecurity certification. The work programme fulfils the requirement of the Cybersecurity Act, Title III: the European Cybersecurity Certification Framework, for the establishment of voluntary European cybersecurity certification schemes. While three European cybersecurity certification schemes under…