Legislation will set new security framework for smart devices

New legislation will require consumer smart devices to meet three rigorous security requirements for the Internet of Things (IoT), the Department for Digital, Culture, Media and Sport (DCMS) has announced.

Consumer devices such as fridges that can respond to price signals to delay operation or change the amount of power they draw are expected to be important components in reducing grid management costs in future, as are home management services that can manage such variable use to minimise bills.

The new requirements will be:

  • All consumer internet-connected device passwords must be unique and not resettable to any universal factory setting
  • Manufacturers of consumer IoT devices must provide a public point of contact so anyone can report a vulnerability and it will be acted on in a timely manner
  • Manufacturers of consumer IoT devices must explicitly state the minimum length of time for which the device will receive security updates at the point of sale, either in store or online

Digital Minister Matt Warman said: “Our new law will hold firms manufacturing and selling internet-connected devices to account and stop hackers threatening people’s privacy and safety. It will mean robust security standards are built in from the design stage and not bolted on as an afterthought.”

The measures were developed in conjunction with the business industry and the National Cyber Security Centre. They follow on from the government’s voluntary Secure by Design Code of Practice for consumer IoT security launched in 2018. The Code has already been backed by Centrica Hive. DCMS says research suggests there will be 75 billion internet connected devices, such as televisions, cameras, home assistants and their associated services, in homes around the world by the end of 2025.

Read more about the recent consultation here

Further reading

Centrica invests in home energy management startups

From New Power Report: what is a blockchain and what are the energy applications?

The Internet of Things: utilities warned they may lose the customer relationship

Is there a ‘big data’ future for energy suppliers?

Moixa wins Gridshare funding – after learning lessons on recruiting customers

Ofgem announces new round of ‘regulatory sandbox’ programme

Blog: National Grid “in talks” with DeepMind, Google’s artificial intelligence firm


Stay up to date with New Power’s online news. Sign up for our FREE weekly newsletter here 

Search and sort data on UK power assets via New Power’s online Database. Free access for New Power Report subscribers