TR 91:2021

Cybersecurity labelling for consumer IoT

OVERVIEW

This standard introduces a multi-levelled and cost-effective cybersecurity labelling for consumer IoT. It aims to raise the cybersecurity hygiene of the IoT ecosystem by improving the transparency of cybersecurity provisions. Cybersecurity labelling for consumer IoT provides a basic level of security assurance through the elimination of common vulnerabilities using a simple, tiered, and progressive assessment model for IoT devices that avoids resource-intensive security evaluations.

It also provides a basic level of security hygiene which is typically expected for consumer IoT, i.e. to be able to deter casual adversaries utilising common attack vectors such as default factory credentials or the exploitation of vulnerable protocols. It does not offer formal security assurance. Given sufficient time, determined adversaries who possess advanced skillsets and tools can be capable of compromising such IoT devices, regardless of whether it is labelled. Users seeking higher security assurance – e.g. enterprise, manufacturing, industrial applications and healthcare – are strongly recommended to consider devices certified under formal evaluation and certification schemes

Preview

COMMENTS

-

PRODUCT DETAILS

Status Current
Edition 2021
No. of Pages 23
ICS Classification 35.030 IT Security
Committee Information Technology Standards Committee
Available for Purchase Global
Adoption -

Managed by TOPPAN NEXT Pte. Ltd.

Enterprise Singapore's appointed distributor of

EnterpriseSG Standards Publications and Overseas Standards.

© 2025 Enterprise Singapore

All Rights Reserved