NCSC said to finalize criteria for identifying Trusted Products

The National Cyber Security Coordinator (NCSC) is believed to have finalized the criteria for identifying the Trusted Products and Trusted Sources. The development comes just days after NCCS held a meeting with stakeholders to finalize the ITSARs for communication equipment on 25 March 2021.

NCCS is tasked with the framing of security requirements and for security testing and certification of telecommunication equipment. The equipment must meet the Essential Requirements (ER) including Security Requirement (SR).

The ITSARs released by NCCS broadly cover eNodeB, mobile device, P-GW/PDN-GW, UICC, IP Router, mobile management entity (MME), cryptographic controls, WiFi CPEs, 4G S-GW Security Requirements, 4G S-GW Specific Security Requirements, HSS, and 4G PCRF.

NCCS will declare the list of security cleared equipment including product name, manufacturer, model number, version, and certificate details along with validity of the certificate. The new procurement rules kick in from 15 June 2021 although NCCS is expected to declare Trusted Sources and Trusted Products before that.

NCCS is already working on a portal dedicated to the certification of telecom equipment whereas another microsite is under construction for listing all security cleared equipment.

DoT recently amended UL, UL (VNO), PMRTS, CMRTS, ILD and NLD among other licenses to included the Trusted Products and Trusted Sources clause. All licensees under different license agreements from 15th June 2021 can only connect Trusted Products in its network and also seek permission from Designated Authority for up-gradation of an existing network utilizing the Telecommunication Equipment not designated as Trusted Products.