Accelerate Your Product's Compliance Journey with Global Certification Support
CNLABS enables faster and more efficient certification across cybersecurity, networking, and safety domains. We support pre-cert testing, documentation, lab coordination, and readiness for global programs.
Global Certification Support
We support certification across multiple domains with deep expertise in international standards and requirements
Cybersecurity Certifications
EU RED
European Union Radio Equipment Directive certification
Cybersecurity compliance under Article 3(3)(d), (e), and (f) for radio-enabled products
CRA (EU)
Cyber Resilience Act
European regulation for cybersecurity of digital products
BIS Certification (India)
Mandatory CRS Registration for CCTV Cameras & Recorders
Compliance with IS 13252 (Part 1) standards for Indian market entry
ITSAR (India)
Indian Telecom Security Assurance Requirements
Security assurance standards for telecom equipment & infrastructureSecurity assurance standards for telecom equipment & infrastructure
FIPS 140-3
Federal Information Processing Standard for cryptographic modules
Hardware and software security validation
Common Criteria (CC)
International standard for computer security certification
EAL1–EAL7 evaluation assurance levels
MUD-CCF
Manufacturer Usage Description – Certification & Conformance Framework
Standardized testing and certification framework for validating IoT device compliance with the IETF MUD specification
ETSI EN 303 645
Cybersecurity Standard for Consumer Internet of Things (IoT) Devices
European telecommunications standard defining baseline security requirements for connected consumer products
EU RED
Under Commission Delegated Regulation (EU) 2022/30, cybersecurity requirements under Article 3(3)(d), (e), and (f) of the EU Radio Equipment Directive became mandatory from 1 August 2025.
Compliance with these requirements is supported through the harmonised EN 18031 standards:
- EN 18031-1 → Article 3(3)(d)
- EN 18031-2 → Article 3(3)(e)
- EN 18031-3 → Article 3(3)(f)
All radio equipment placed on the EU market must now comply with these requirements.
Key Cybersecurity Objectives Under EU RED Article 3(3)(d), (e), and (f)
Network protection (Article 3(3)(d))
Requirements to ensure radio equipment does not harm network operations or misuse network resources.
Protection of personal data and privacy (Article 3(3)(e))
Requirements to safeguard personal data and communications through built-in security measures.
Fraud prevention (Article 3(3)(f))
Requirements to reduce fraud risks in equipment involved in financial or sensitive transactions through appropriate security controls.
Why CNLABS for EU RED Cybersecurity Compliance?
- ISO/IEC 17025:2017 accredited testing recognized under the ILAC Mutual Recognition Arrangement (MRA) for the EN 18031 series and ETSI EN 303 645 standards
- Prepares products for EU RED Article 3(3) cybersecurity readiness before formal conformity assessment
- Performs EN 18031 pre-compliance gap analysis and testing
- Identifies the applicable EN 18031 standard(s) for each product
- Supports technical documentation and evidence for CE marking and notified-body review
- Assesses product cybersecurity risks and compliance impact of updates
- Supports testing across all radio-enabled devices — consumer, industrial, network, payment, and privacy-sensitive products
CRA (EU)
The EU Cyber Resilience Act introduces mandatory cybersecurity requirements for all products with digital elements placed on the EU market. It applies across connected devices, embedded software, applications, and systems, covering the full product lifecycle.
Core CRA Cybersecurity Requirements
- Secure-by-design and secure default configurations
- Continuous vulnerability management and patching
- Security updates throughout the supported product lifetime
- Mandatory vulnerability monitoring and incident reporting
- Software Bill of Materials (SBOM) for transparency
Key CRA Compliance Timeline
- December 2024 - Regulation in force
- September 2026 - Vulnerability reporting obligations
- December 2027 - Full product compliance required
Why CNLABS for CRA Compliance?
- Performs CRA pre-compliance readiness and gap analysis against regulatory cybersecurity requirements
- Assesses secure-by-design and secure-by-default controls as required by the CRA
- Evaluates vulnerability handling, patching, and update processes across the product lifecycle
- Supports SBOM review and documentation to meet CRA transparency obligations
- Assists with compliance evidence and technical documentation for market surveillance authorities
- Provides security testing across IT, IoT and OT products
BIS Certification (India)
The Bureau of Indian Standards (BIS) introduced Essential Security Requirements (ER-01:2024 / IS 99999:2024) to strengthen cybersecurity and trust in CCTV cameras and recorders manufactured, imported, or sold in India. The framework enforces security controls across hardware, firmware, communications, and the product development lifecycle.
Core Security Pillars Under BIS CCTV ER-01:2024
Hardware Level Security Controls
Requirements addressing physical interface protection, secure boot mechanisms, device-unique credentials, and secure storage of sensitive material.
Software and Firmware Security Controls
Requirements covering secure coding practices, memory protection, encrypted communication, and authenticated firmware updates.
Secure Communication and Supply Chain Controls
Requirements related to protected network communication, protocol transparency, and verification of trusted component sourcing.
Security in Product Development and Manufacturing
Requirements ensuring documented hardware architecture, malware checks, and controlled manufacturing and supply chain security processes.
Why CNLABS for BIS CCTV Compliance?
- First BIS-recognized private laboratory for CCTV security testing under IS 99999:2024
- Conducts structured pre-compliance gap assessments across hardware, firmware, and security controls
- Delivers evidence-based technical findings with clear remediation guidance
- Prioritizes certification-blocking issues versus improvement areas
- Validates fixes through focused re-testing before formal certification
- Prepares OEMs to approach government labs for final compliance with first-attempt success
ITSAR (India)
The Indian Telecom Security Assurance Requirements (ITSAR) is a mandatory cybersecurity certification framework issued by the Department of Telecommunications for telecom equipment deployed in licensed networks in India.
The program is implemented through NCCS - National Centre for Communication Security and applies to a wide range of network and access infrastructure used by telecom service providers.
Products covered under notified ITSAR categories must meet defined security requirements before they can be deployed in Indian telecom networks.
Typical ITSAR Product Scope Includes
- Firewalls and security gateways
- IP routers and switching equipment
- Wi-Fi CPE and broadband access devices
- Optical access equipment such as OLT and ONT
- Telecom network elements and management systems
Why CNLABS for ITSAR Readiness?
- Performs ITSAR pre-compliance security testing and gap analysis
- Identifies deviations across firmware, software, and processes
- Provides evidence-based findings and remediation guidance
- Issues detailed ITSAR pre-compliance test reports with security findings
- Helps OEMs achieve first-time success in formal certification testing
FIPS 140-3
The Federal Information Processing Standard (FIPS) is a set of standards for information processing systems that all U.S. federal agencies, contractors, and vendors must adhere to.
Among the many standards available as part of FIPS, the FIPS 140-3 verifies the Security Requirements of Cryptographic Modules. The standards are developed and maintained by the NIST.
FIPS 140-3 maps to the ISO/IEC 19790 as the standard and ISO/IEC 24759 as the test specification.
NVLAP & CMVP
- The National Voluntary Laboratory Accreditation Program (NVLAP) provides third-party accreditation to testing and calibration laboratories.
- NVLAP-accredited laboratories are assessed against the management and technical requirements published in the International Standard, ISO/IEC 17025:2017.
- The Cryptographic Module Validation Program (CMVP) was established by the NIST and the Canadian Centre for Cyber Security (CCCS) to oversee testing results of Cryptographic Modules by accredited third party laboratories.
- As per FIPS 140-3, a crypto module is a set of hardware, software, firmware, or a combination thereof that implements cryptographic functions and is contained within a defined cryptographic boundary.
FIPS 140-3 TESTING APPLICABILITY
FIPS 140-3 tests and certifies the cryptographic module itself, not the entire product that uses it. The cryptographic module could be:
- A standalone hardware device (like an HSM)
- A software library (like OpenSSL FIPS module)
- A firmware component (like crypto firmware in a secure element)
- Or a combination of the above
CNLABS is actively building its FIPS 140-3 readiness and validation capability to support vendors preparing for next-generation cryptographic compliance as regulatory and procurement requirements shift fully to the 140-3 framework.
Common Criteria (CC)
Common Criteria is an internationally recognized security evaluation framework for IT products, defined under ISO/IEC 15408 and ISO/IEC 18045. It validates security functionality, assurance, and resistance to attacks across products such as network devices, operating systems, cryptographic software, cloud platforms, and embedded systems, with certifications recognized globally through the Common Criteria Recognition Arrangement (CCRA).
Assurance Levels
- EAL1–EAL2 – Basic structured testing
- EAL3–EAL4 – Design review and vulnerability analysis
- EAL5–EAL7 – High-assurance verification
European Transition
- Common Criteria evolving into the EUCC scheme under the EU Cybersecurity Act
- EALs mapped to unified EU assurance levels such as Substantial and High
CNLABS is actively building its Common Criteria readiness and evaluation support capability to assist vendors preparing for CC and upcoming EUCC certification requirements, focussing on strengthening structured security evaluation expertise, documentation alignment, and vulnerability assessment methodologies in line with ISO/IEC 15408 and evolving regulatory frameworks.
MUD-CCF
Manufacturer Usage Description (MUD), defined under IETF RFC 8520, enables IoT devices to declare their intended network communication behavior, allowing networks to automatically enforce least-privilege access policies.
The MUD Conformance Certification Framework (MUD-CCF), developed collaboratively by CNLABS and UNSW Sydney, provides a standardized testing and certification approach to verify IoT device compliance with the MUD specification through defined test requirements, structured methodologies, and an automated conformance test tool.
Core MUD-CCF Capabilities
- Standardized MUD conformance test specification
- Automated validation of MUD files and device behavior
- Structured certification levels (Bronze, Silver, Gold)
- Scalable testing for large IoT deployments
CNLABS and MUD-CCF
CNLABS is a co-developer of the MUD Conformance Certification Framework and provides the technical foundation for MUD compliance verification, including test specification development, automated conformance testing, and certification workflows to support secure-by-design IoT deployments.
ETSI EN 303 645
Developed by the European Telecommunications Standards Institute, ETSI EN 303 645 defines baseline cybersecurity requirements for consumer IoT products. It establishes mandatory security provisions covering authentication, software updates, data protection, secure communication, and vulnerability handling to improve the resilience of connected devices.
The Thirteen Pillars of IoT Security
- No Universal Default Passwords
- Vulnerability Disclosure Policy
- Keep Software Updated
- Secure Storage of Sensitive Data
- Secure Communication
- Minimize Exposed Attack Surfaces
- Ensure Software Integrity
- Ensure Personal Data is Secure
- Make Systems Resilient to Outages
- Examine System Telemetry Data
- Easy Deletion of Personal Data
- Easy Installation and Maintenance
- Validate Input Data
Why CNLABS for ETSI EN 303 645?
- ISO/IEC 17025:2017 accredited testing laboratory for ETSI EN 303 645
- Delivers fully accredited test reports mapped to standard requirements
- Supports IXIT preparation and validation prior to testing
- Provides structured findings aligned with conformity assessment needs
- Covers consumer IoT and connected product categories
Networking Certifications
USGv6
US Government IPv6 certification program focused on capability and interoperability validation.
Mandatory for federal and defense network deployments
IPv6 Ready Logo
Global IPv6 certification testing for core protocols, IPsec, IKEv2, and advanced networking features
Worldwide standard for IPv6 product validation.
MCMC
Official authorization to facilitate Malaysian IPv6 compliance as a designated SIRIM QAS partner lab
Gateway to Malaysian telecommunication markets.
MTCTE
TEC Designated Conformity Assessment Body (CAB) for mandatory testing and certification in India
Essential requirements for Indian telecom infrastructure.
Wi-SUN Certification
Wireless Smart Utility Network (Wi-SUN Alliance)
Global interoperability and certification program for large-scale IPv6 mesh networks.
IEC 62443
Industrial Automation and Control Systems (IACS) Cybersecurity Standard
International series of standards for securing industrial control systems and OT.
USGv6
Access to the U.S. Federal market demands more than basic IPv6 support, it requires strict compliance with the USGv6 Profile, a mandatory requirement for government procurement.
Federal Market Gateway
USGv6 certification is a non-negotiable requirement for selling networking products to the U.S. Federal Government. CNLABS ensures your products meet the strict NIST SP 500-267 standards required to compete.
USGv6 Functional & Interoperability Testing
Our lab conducts testing across IPv6 features covering addressing, routing, header handling, neighbor discovery, DNS, and extension headers.
Test focus: Addressing, routing, neighbor discovery, extension headers, DNS, fragmentation, path MTU handling.
Outcome: Functional conformity to USGv6 profiles and validated interoperability with vendor stacks.
Pre-Certification Gap Analysis & Remediation
Before you submit to a certified test lab, we perform an in-depth readiness assessment and identify deviations from USGv6 profiles.
- Detailed gap report mapped to USGv6 test cases
- Prioritized remediation roadmap
- Retest planning and evidence collection
Outcome: Higher first-pass success rate at certified labs and reduced rework cycles.
How We Engage
- Initial Readiness Assessment & Gap Report
- Remediation Plan & Engineering Support
- Pre-certification Testing & Stress Evaluation
- Test Report Generation & Lab Submission Support
- Post-cert follow-up and monitoring guidance
IPv6 Ready Logo
With the depletion of IPv4 addresses and the accelerating demand for connected devices, IPv6 is rapidly becoming the global standard for modern networks. To operate in U.S. government or other stringent network environments, devices must often achieve USGv6 compliance.
IPv6 Protocol Readiness & Adoption
Before targeting certification, your solution must function correctly under IPv6. CNLABS audits your implementation for correct behavior under dual-stack and IPv6-only configurations, covering:
- Addressing, routing, and neighbour discovery
- Path MTU, fragmentation, and extension header support
- DNS resolution, load balancing, and name resolution in IPv6 environments
USGv6 Pre-Certification Testing
- Functional and interoperability tests aligned with USGv6 profiles
- Conformance test preparation
- Gap analysis identifying deviations from USGv6 requirements
- Test report generation and guidance for lab submissions
Interoperability & Stress Testing
Beyond protocol correctness, real-world deployment demands robustness, we validate interoperability across vendor stacks, performance under load, and resilience to edge-case traffic.
Security & Transition Readiness
IPv6 introduces new security dynamics. We test for:
- IPv6-specific threats (e.g., rogue router advertisements, tunneling attacks)
- Dual-stack transition vulnerabilities
- Access control lists, firewall policies, and prefix filtering for IPv6
MCMC
Malaysia is accelerating its IPv6 adoption, and the Malaysian Communications and Multimedia Commission (MCMC) has established compliance requirements to ensure all internet-enabled equipment supports IPv6.
As a designated partner lab, CNLABS (in collaboration with SIRIM QAS) performs IPv6 compliance testing to help global vendors gain certified market access into Malaysia.
We combine deep protocol expertise with accredited processes to guide you through the MCMC IPv6 certification journey from readiness assessment to final validation.
MCMC IPv6 Testing & Certification
CNLABS is authorized to carry out IPv6 compliance testing under the MCMC framework, acting as one of the few global labs capable of this in one roof.
- Comprehensive functional and interoperability tests aligned to Malaysian standards.
- Gap analysis identifying protocol deviations.
- Test reporting and certification support through SIRIM.
Multi-Standard Capability
Your product doesn’t just need to work in Malaysia; it must also conform to worldwide IPv6 standards. We expand our services in:
- IPv6 Ready Logo (IPv6 Forum)
- USGv6 (U.S. government IPv6 standard)
- MTCTE (India’s telecom IPv6 requirements)
MTCTE
The Department of Telecommunications (DoT) of the Ministry of Communications, Government of India, has notified that from 2019, every telecom equipment manufactured in India or imported for connection to the Indian Telecommunication Network must undergo mandatory testing and certification prior to sale or import for use in India.
OEM, importer, or dealer who wishes to sell, import, or use telecom equipment in India must obtain a certificate from the TEC and mark or affix the equipment with the appropriate certification label.
Outcomes of the Certification Process:
- Any telecom equipment does not degrade the performance of the existing network when connected.
- Safety of the end-users.
- Protection of users and the general public by ensuring that radio frequency emissions do not exceed prescribed standards.
- Compliance of telecom equipment with relevant national and international regulatory standards and requirements.
The conformance certification tests to be performed are prescribed in Essential Requirements (ERs) for each equipment type. Any Indian Accredited Lab designated by TEC can undertake these tests. Based on the test reports, TEC issues the final certificate.
CNLABS – A Designated TEC CAB
CNLABS, a globally approved IPv6 Ready Logo Certification Lab in India, is now a TEC Designated Conformity Assessment Body (CAB). We offer Conformance and Interface Testing under the Technical Requirements prescribed for various network equipment under the ambit of MTCTE.
Wi-SUN Certification
Wi-SUN FAN (Field Area Network) 1.0 is a global interoperability and security certification program for large-scale, low-power wireless mesh networks used in smart grids and utility infrastructure. It validates IPv6-based communication, secure network formation, routing, and resilient device operation across multi-hop environments.
CNLABS is an ISO/IEC 17025 accredited, vendor-neutral laboratory approved for Wi-SUN FAN 1.0 testing for the India band, supporting certification and interoperability validation for utility and smart infrastructure deployments.
Core Wi-SUN FAN 1.0 Scope
- PAN discovery and secure network joining
- Security bootstrapping with authentication and key management
- IPv6 routing using RPL in mesh environments
- DHCPv6 addressing and configuration
- 6LoWPAN neighbor discovery optimization
- Frequency hopping for interference resilience
- Secure data transport using ICMPv6 and UDP
- Error handling and network reliability mechanisms
Certification Focus
- Interoperability across Wi-SUN compliant devices
- Network security, encryption, and authentication
- Protocol compliance with IPv6 mesh standards
- Robustness and vulnerability validation
IEC 62443
IEC 62443 is the global cybersecurity standard series for Industrial Automation and Control Systems (ICS/OT), covering technical controls and secure development processes for industrial components, integrated systems, and full product lifecycles used in critical infrastructure environments such as manufacturing, energy, oil & gas, water, and transportation.
CNLABS supports IEC 62443 security readiness by assessing component security under IEC 62443-4-2, reviewing secure development lifecycle practices under IEC 62443-4-1, and evaluating system-level security under IEC 62443-3-3, including zoning and conduit-based network segmentation.
The standard applies a zone and conduit security model, grouping assets with similar risk profiles and controlling communications between them to limit lateral movement and contain breaches.
Security Levels (SL):
- SL-1 – Basic protection
- SL-2 – Protection from common cyber threats
- SL-3 – Protection from skilled attackers
- SL-4 – Protection from highly resourced attackers
Products and systems are assessed against these levels to match real-world threat environments.
Certification Readiness
Comprehensive preparation services to ensure certification success
Gap Analysis
Comprehensive assessment of current state vs. certification requirements.
Pre-Cert Testing
Thorough testing before formal certification to ensure success.
Documentation
Complete documentation packages and evidence preparation.
Lab Coordination
Direct coordination with accredited certification bodies worldwide.