MSIT and KISA signed an MoU with CSA of Singapore for mutual recognition of IoT security certification systems
The Ministry of Science and ICT (Minister Lee Jong ho, hereinafter referred to as "MSIT") and the Korea Internet & Security Agency (President Lee Won Tae, hereinafter "KISA") announced that they signed a Memorandum of Understanding (MoU) with the Singaporean Cyber Security Agency (hereinafter "CSA") regarding the mutual recognition of Internet of Things (IoT) security certification systems between South Korea and Singapore, on December 14th (Thursday).
* Based on Article 48-6 (Certification of devices and the like connected to information and communications networks) of the "Act on Promotion of Information and Communications Network Utilization and Information Protection," MSIT determines and notifies certification standards for IoT technology applied in 8 fields of concern, namely home appliances, transportation, finance, smart city, medicine, manufacturing and production, housing, and communications.
This event marks the first official step towards working-level cooperation. For the coming 6 months, comparative analyses between the IoT security certification systems of both countries will take place to complete the equivalence assessment. The goal is to sign the "Mutual Recognition Agreement on IoT Security Certification Systems" by the latter half of next year.
Once the MRA on IoT security certification systems between the two countries comes into effect, not only the international credibility of domestic IoT products certified for security will be significantly improved, but also the burden of obtaining a local certification will be removed. This will result in substantial savings of time and costs when domestic IoT products are exported to Singapore, allowing for Korean products to gain a competitive advantage over products from other countries in terms of price, quality, and consumer trust.
* Singapore ranks 7th in the list of Korea's top export countries, as of 2022. (Source: Statistics by Korea International Trade Association)
Domestically, with the increased national trust in certified IoT products, a growth momentum for IoT security certification demands in various fields beyond the existing focus on IoT devices in the housing sector, such as home security wall-pad devices in apartment complexes, could be strengthened. This expansion is anticipated to encompass fields including home appliances, transportation, manufacturing, finance, smart city, medicine, and communications.
Moreover, Singapore has already established MRAs on IoT security certification systems with countries such as Germany and Finland. This implies not only that the international credibility of the Korean IoT security certification system will be enhanced, but also an increase in the likelihood for Korea to sign IoT security certification MRAs with European countries, such as aforementioned Germany and Finland.
Currently, the United States and European countries are either operating or preparing their respective IoT security certification systems. Considering this, the MRA on IoT security certification systems between South Korea and Singapore will establish an institutional foundation to flexibly respond to international regulatory trends.
Meanwhile, the Korean IoT security certification system is an optional certification justified under Article 48-6 of the "Act on Promotion of Information and Communications Network Utilization and Information Protection." KISA, a specialized organization under MSIT, serves as the designated agency for issuing the IoT security certification.
* According to Article 48-6 of the "Act on Promotion of Information and Communications Network Utilization and Information Protection," MSIT shall designate a testing agency responsible for the certification process, which currently is KISA in case of Korea. In case of Singapore, CSA is responsible for overseeing the Cybersecurity Labelling Scheme (CLS), an equivalent of Korea's IoT security certification system.
The certification authorities of both countries have agreed to directly sign an MoU in order to move on to signing the MRA with substantive effects, which will in turn allow for mutual and equal benefits for two parties. Specifically, this MoU between the Korean KISA and the Singaporean CSA aims to expedite working-level operations and contains agreements to commence such efforts in a timely manner.
Subsequently, both countries will engage in deliberations on the details of two certification systems, based on comparative analyses of the systems including matters related to certification levels and lower-level procedures. If equivalence in the certification standards is confirmed, KISA and CSA will proceed with the final signing of the Mutual Recognition Agreement (MRA) thereof, which is expected to be the first case of its kind in Korea.
* Comparison to be made between the Korean certification standard (ITU-T X.1352) and the Singaporean standard (EN 303 645).
MSIT and KISA have undertaken proactive approach to prepare for the MRA on IoT security certification systems with Singapore, including seeking administrative advice from relevant ministries and agencies, such as the Ministry of Foreign Affairs (Embassy of the Republic of Korea to the Republic of Singapore) and the Global Certification Support Center (Ministry of Trade, Industry, and Energy, and Korean Standards Association). Such approach had made the event held on this day possible.
MSIT Deputy Minister Hong Jin Bae of the Office of Network Policy emphasized that the establishment of a cooperative system with Singapore provides a great opportunity for domestic IoT products certified for security, to prove its excellence to the global market. He stated, "MSIT will operate a systematic certification system, while establishing a continuous cooperation framework with various countries around the world, to support Korean IoT businesses in manufacturing, distributing, and exporting excellent products."
For further information, please contact the Public Relations Division (Phone: +82-44-202-4034, E-mail: msitmedia@korea.kr) of the Ministry of Science and ICT.
Please refer to the attached PDF.