Skip to content
7layers-bureau-veritas-events-news-headline

The UK Product Security and Telecommunications Infrastructure (PSTI) Act

Veröffentlicht am 10 August 2023

The UK Product Security and Telecommunications Infrastructure (PSTI) Act

The UK’s consumer connectable product security regime will come into effect on 29 April 2024. Businesses involved in the supply chains of these products will need to be compliant with this legislative framework from that date.

The regime comprises two pieces of legislation:

  • Part 1 of the Bill : The Product Security measures
  • Part 2 of the Bill : The Telecommunications Infrastructure measures

The Product Security measures (Part 1 of the Bill) will apply to manufacturers, importers, and distributors in the supply chain for consumer connectable products.

Considered Requirements:

The UK Government published the regulations that will enact the UK Product Security and Telecoms Infrastructure (PSTI) Act 2022 which aims to pave the way for new security requirements on ‘consumer connectable products’ to better protect UK home devices from hackers.

Under draft regulations that have been laid before the UK Parliament, the following minimum security standards must be met before consumer devices can be sold in the UK:

  • Universal default and easily guessable default passwords cannot be used on consumer connectable products.
  • Manufacturers must publish information on how long products will receive security updates for. This will include making customers aware of a product’s security update support period before allowing product purchases on the manufacturer’s website.
  • Manufacturers must publish contact information to allow vulnerabilities relating to their devices to be reported.
  • Manufacturers must declare that they are compliant through a ‘Statement of Compliance’. The regulations state that adherence to industry standards ETSI EN 303 645 and/or ISO/IEC 29147 can be used as evidence of compliance.
  • Manufacturers, importers, and distributors of the consumer connected devices will not be able to sell products in the UK if they are not accompanied by a Statement of Compliance.

BV Services: Awareness & Preparation and provide a 3rd Party Assessment for UK,PSTI

Contact us for more information!

Weitere News

12. June 2024

Bureau Veritas is listed as an Authorised Test Laboratory by the Sunspec Alliance for New Energy Cybersecurity Certification!

5. June 2024

Interlab Test Solution Bluetooth RF – ready for Channel Sounding

6. February 2024

Trinidad & Tobago: Validity of certificates is limited to 5 years