News

CTTL Terminal Labs has been authorized by GP for SESIP certification, leading the IoT security assessment to a new level

Author:CTTL-T Published at:2026-03-06

In the context of the rapid development of the Internet of Things industry, Internet of Things security has become the core cornerstone of high-quality industrial development. As two important standard systems in the field of IoT security, SESIP and PSA jointly provide technical foundation guarantee for the security of the IoT industry chain. SESIP provides a systematic security assessment framework for IoT platforms and key security components, and builds systematic security technical requirements based on IoT device security best practices PSA, covering the security specifications of the entire product life cycle from design, research and development to application, providing comprehensive guidance for IoT security assessment and effectively supporting the improvement of security capabilities in the IoT industry.

Recently, on the basis of PSA evaluation qualification, the CTTL Terminal Labs (CTTL-T) of the China Academy of Information and Communications Technology (CAICT) has once again successfully obtained the SESIP evaluation qualification authorization (official website: https://globalplatform.org/sesip-lab/) from the GlobalPlatform organization and the TrustCB certification body, which is another recognition of the technical capabilities and service level of the laboratory by the industry. At present, the laboratory has both SESIP and PSA evaluation and certification qualifications, and continues to rank first in the field of international Internet of Things security evaluation with efficient evaluation services and strong technical strength, leading the Internet of Things security assessment to a new height.


CTTL authorized by GP as PSA and SESIP security lab

Efficient assessment services are the core advantages of laboratories to provide high-quality certification services for enterprises. With a standardized testing system and refined project management, the laboratory has completed the evaluation analysis and penetration test in advance in a number of PSA certification services, efficiently assisted customers in obtaining PSA certification certificates, significantly shortened the safety certification cycle of customer products, and seized the opportunity for products to be quickly introduced to the market.

Strong technical strength is a solid guarantee for the laboratory to provide high-quality certification services for enterprises. The laboratory has a professional chip, operating system and terminal security technical team, which follows the requirements of PSA Level 1, Level 2 and Level 3 standards, and carries out technical evaluation of the whole process through code review, tool scanning, penetration testing, etc., to investigate potential safety hazards of products for customers and accurately study and judge the safety problems of products. For example, when remotely authenticating and testing the chip of an enterprise's IoT device, it was found that its system abnormally entered a suspended state, and there was a parameter configuration error in the power consumption module of the chip that was successfully located. At the same time, the laboratory provides targeted technical rectification plans for enterprises, helps enterprises optimize the safety design and development of products, improves product safety protection capabilities from the root, and helps products reach the international advanced safety level.

As the earliest institution in China to carry out PSA evaluation services, since the launch of PSA certification business in 2019, the laboratory has successfully helped more than 50 enterprises successfully obtain PSA Level 1, Level 2 and Level 3 certifications, covering leading enterprises in the field of chip design and manufacturing such as Unisoc Zhanrui, ZTE Microelectronics, Ruisheng Microelectronics, Nuvoton, Zhixin Microelectronics, etc., establishing a professional and efficient service reputation in the industry, and becoming an important partner in the field of enterprise layout in the field of Internet of Things security. This also marks that the laboratory has mature and professional safety technology evaluation capabilities in the field of SESIP evaluation services, and as a PSA-certified laboratory based on the SESIP method, it can obtain both PSA and SESIP dual certification for enterprises through a single assessment.

At present, the laboratory has completed the security evaluation of hundreds of IoT products, covering smartphones, handheld terminals, Bluetooth headsets, smart bracelets, laptops, IoT gateways, etc., and provides enterprises with a number of authoritative certification services such as EU EN 18031-1/-2/-3, ETSI EN 303 645 and China CCRC. In the future, the laboratory will continue to give full play to its technical and resource advantages in the field of Internet of Things security testing and certification, and provide more professional, efficient and comprehensive security evaluation and certification services for enterprises in all links of the Internet of Things industry chain such as chip design, software development, and equipment manufacturing, so as to continue to help enterprises build a solid line of defense for product security and escort the safe development of the IoT industry.


If you want to inquire about SESIP and PSA certification, CCRC certification (China Cybersecurity Review Technology and Certification Center certification), please contact us!

Mrs. Yuan

13910330232

yuanqi@caict.ac.cn