ASTM International - ASTM F3463-20
Standard Guide for Ensuring the Safety of Connected Consumer Products
|Publication Date:||15 September 2020|
significance And Use:
3.1 This guide is intended to apply in conjunction with applicable end product specific standard requirements to address the overall system safety of a connected consumer product. This guide is... View More
3.1 This guide is intended to apply in conjunction with applicable end product specific standard requirements to address the overall system safety of a connected consumer product. This guide is not a substitute for the performance requirements in the end product standard. Property damage, including non-functionality of the connected consumer product, is only included to the extent that such property damage leads to a safety issue. Data security beyond the extent necessary to ensure system safety, or privacy-related issues, are not addressed in this guide although measures to address the protection of personal information may help mitigate connected consumer product safety issues.
3.2 This guide provides guidelines for:
3.2.1 Remote updates;
3.2.2 Software, firmware, and configuration risk management designed to ensure compliance with an end product safety standard and to prevent the creation of an unanticipated hazard from the connected consumer product; and
3.2.3 Cybersecurity risk controls for the software, firmware, and configuration of architecture and design.View Less
1.1 This guide provides guidance for connected consumer products, as defined in 1.1.1, as it relates to physical product safety hazards created by virtue of their connectivity. It applies to connected products that need testing and evaluation to prevent cybersecurity vulnerabilities and weaknesses that could compromise the safety-related performance of the product, create a physical safety hazard in the product or its operation, or result in a noncompliance to the underlying end product safety standard.
1.1.1 Connected consumer product or Internet of Things (IoT) consumer device means any consumer device or physical object that is capable of connecting to the internet or other network, directly or indirectly, and is assigned an internet, Bluetooth, or other communication protocol address or identifier. A non-exhaustive list of examples includes:
220.127.116.11 Connected children's toys;
18.104.22.168 Connected safety-related products such as smoke alarms and door locks;
22.214.171.124 Connected TVs and speakers;
126.96.36.199 Wearable connected health trackers and smart apparel;
188.8.131.52 Connected home automation, security or surveillance cameras, and alarm systems;
184.108.40.206 Connected appliances (for example, washing machines and refrigerators);
220.127.116.11 Connected smart home assistants; and
18.104.22.168 Connected baby monitors.
1.2 Safety, for this guide, is defined as the freedom from an unreasonable risk of physical injury or illness resulting from mechanical contact, hazardous energy release, or exposure to hazardous chemicals from the connected product. Physical injury or illness may include burns, lacerations, strains, contusions, suffocation, strangulation, poisoning, disease, seizures, internal injuries, shock, or other injuries to the body. Property damage related to non-functionality of the connected device is only included to the extent that such property damage leads to a safety issue. Safety, for this standard, does not include privacy or personal data security, or physical harms potentially resulting from privacy or personal data breaches.
1.3 The values stated in SI units are to be regarded as standard. No other units of measurement are included in this standard.
1.4 This standard does not purport to address all of the safety concerns, if any, associated with its use. It is the responsibility of the user of this standard to establish appropriate safety, health, and environmental practices and determine the applicability of regulatory limitations prior to use.
1.5 This international standard was developed in accordance with internationally recognized principles on standardization established in the Decision on Principles for the Development of International Standards, Guides and Recommendations issued by the World Trade Organization Technical Barriers to Trade (TBT) Committee.