Contacts

Shasta Solution LLP, Next CoWorks Office Space Private Limited 2nd Floor, #45, Alankar Plaza, Near B K Circle, Nayak Layout, J P Nagar 8th Phase, Bangalore 560076
info@shastasolution.in
+91 7353644888 / +91 9632338888

Reach Us On:

+91 7353644888
+91 9632338888
BIS Certification for Smart Camera in bangalore

Essential Requirement for CCTV Camera

On 9 April 2024, the Ministry of Electronics and Information Technology (MEITY) amended the Electronics and Information Technology Goods (Requirement of Compulsory Registration) Order, 2021 (CRO 2021).

Get Started

Need help?

+91 7353644888 / +91 9632338888
Essential requirement for CCTV camera in Delhi
Essential requirement for CCTV camera in bangalore BIS Registration for CCTV Cameras in Bangalore
Overview

Essential Requirement for CCTV Camera

On 9 April 2024, the Ministry of Electronics and Information Technology (MEITY) amended the Electronics and Information Technology Goods (Requirement of Compulsory Registration) Order, 2021 (CRO 2021). Under the amendment, MEITY has mandated certain ‘essential security requirements’ for Closed-Circuit Television (CCTV) cameras (CRO Amendment). The CRO Amendment will be effective from 9 October 2024, giving manufacturers of CCTV cameras six months to conform to the requirements under the CRO Amendment.

The sale of CCTV cameras in India is permitted only if such CCTV cameras carry a standard mark issued by the Bureau of Indian Standards (BIS). For the grant of license to use such standard mark issued by the BIS, all manufacturers of CCTV cameras in India are required to adhere to:

  • the essential security requirements’ provided under the CRO Amendment; and
  • the relevant Indian Standard as provided under the CRO 2021.

Applicants for the BIS standard mark is required to submit test reports from a lab recognized by the BIS, evidencing adherence to the above

Below are the important criteria for CCTV camera series guidelines as per Essential Requirements:

System-on-Chip (SoC):

All products within the series must use the same SoC to ensure consistent performance.

SoC
Software/Firmware

All products must use the same software/firmware version with matching hash values. Different versions must be tested separately.

S/F
PCBA Layout

The layout for security-related components (such as microcontrollers and sensors) must remain identical, though variations in non-critical elements like housing and connectors are allowed.

PCBA
Bill of Materials (BoM)

The core hardware components must be identical across the series, but variations in passive components like lenses and resistors are allowed.

BoM
Communication Protocols

All products in the series must use the same wired or wireless communication protocols (e.g., Wi-Fi, Ethernet). The product with the maximum functionality should be tested.

CP
Certification Details

The issued certificate must include product pictures, model numbers, chipset details, firmware versions, and hash values.

CD

These guidelines ensure uniformity within product series, maintaining compliance with security and performance standards.

ER for CCTV camera in bangalore
Essential requirement for CCTV camera in Delhi BIS Registration for CCTV Cameras in Ahmedabad

Key points from the document include:

MeitY

Gazette notification from the Ministry of Electronics and Information Technology (MeitY)

Gazette notification from the Ministry of Electronics and Information Technology (MeitY), India, dated April 9, 2024. It contains amendments to the "Electronics and Information Technology Goods (Requirement of Compulsory Registration) Order, 2021," specifically addressing the requirements for CCTV cameras.

Amendment Overview:

  • The amendment mandates that CCTV cameras must meet certain essential requirements to comply with the "Electronics and Information Technology Goods (Requirements for Compulsory Registration) Order, 2021." Kindly refer the attached Gazette Notification.
  • These requirements will be effective six months from the publication date of the notification. Applicable from 9th October 2014.

Detailed Testing Parameters:

  • Hardware Level Security: Ensuring debugging interfaces like USB, UART, and others are disabled or protected, cryptographic keys are unique, and sensitive data is stored securely.
  • Software/Firmware Security: Enabling memory protection controls, securing data in transit, validating server connections, and replacing banned C functions with safer alternatives.

Implementation:

  • The requirements include guidelines for verifying the presence and effectiveness of security measures through various testing methods, including code review and process audits.

Essential Security Requirements:

  • Physical Security: Use of tamper-resistant enclosures and locking mechanisms.
  • Access Control: Implementing authentication, role-based access control(RBAC), and regular updates to access permissions.
  • Network Security: Encrypting data transmission.
  • Software Security: Regular updates, disabling unused features, and enforcing strong password policies.
  • Penetration Testing: Conducting penetration testing to identify and address vulnerabilities.

Documentation and Verification:

  • Vendors must submit detailed documentation, including datasheets, technical specifications, key management lifecycle, and process flows for manufacturing/provisioning.
  • Testing and validation are required in the presence of the Original Equipment Manufacturer (OEM) team.

This amendment aims to enhance the security and reliability of CCTV systems by ensuring they meet stringent standards. For a comprehensive understanding get in touch with Shasta Solution for your requuirement for BIS Registration for CCTV Cameras in Bangalore

ETAs

Here is a summary of the documents needed for each testing parameter:

Hardware Level Security

Debugging Interfaces (USB, UART, etc.):
  • Datasheet of the SoC (System on Chip) being used in the device.
  • Documentation related to ports/interfaces enabled in the production devices and the related access control mechanism.
  • Process flow of the Manufacturing/Provisioning of the device.
On-chip Debugging Interfaces (JTAG or SWD):
  • Datasheet of the SoC being used in the device.
  • Documentation related to ports/interfaces enabled in the production devices and the related access control mechanism.
  • Process flow of the Manufacturing/Provisioning of the device.
Secure Storage of Sensitive Data, Private Keys, and Certificates:
  • List of all keys and certificates being used in the device ecosystem.
  • List of all sensitive data with their intended usage and secure storage mechanism(s).
  • Key management lifecycle documentation.
Cryptographically Secure Pseudo-Random Number Generator:
  • Documentation on the random generators (hardware-based or software- based) being used in the device and their intended usage.
  • Datasheet of the SoC and technical specifications of the device regarding random generators (for hardware-based generators).
  • Libraries being used for software-based random number generators.
Cryptographic Keys and Certificates:
  • List of all keys and certificates being used in the device ecosystem.
  • Key management lifecycle documentation (purpose, generation, storage, destruction/zeroization, validity, key changeover/rotation).
Trusted Execution Environment (TEE), Secure Element (SE), or TPM:
  • Datasheet of the SoC being used in the device.
  • User manual/Technical specifications of the device.
  • Code snippets of the TEE API call, wherever applicable.
Tamper Resistance and Detection Features:
  • Documentation on measures available in the device to prevent software and hardware tampering.
Intellectual Property Protection Technologies:
  • Datasheet of the SoC.
  • Documentation regarding the Intellectual Property protection technologies enabled by the chip manufacturer.
  • Declaration if no Intellectual Property protection technologies are provided by the chip manufacturer.
Boot Image Signature Validation:
  • Datasheet of the SoC.
  • Technical specifications of the device regarding secure boot (keys involved and their management lifecycle, signature validation process).
S/F

Software/Firmware Security

Memory Protection Controls (ASLR and DEP):

  • Declaration of the memory protection controls available and enabled in the device.

Digital Signature Validation of Server Connections:

  • Document mentioning the use-cases when the device establishes server connections with the external world, detailing the security measures in place for validating digital signatures of the server connections.

Software Bill of Materials:

  • Documentation for information on the software bill of materials, including third-party components and versions.

Data-in-Transit Protection (Transport Layer Security):

  • Specifications and documentation related to the configurations available in the applications and firmware related to transport layer security.

Replacement of Banned C Functions:

  • Firmware binaries for code review.
  • Internal code review reports.
GD

General Documentation

  • Test reports from BIS recognized labs as per Scheme II of BIS Conformity Assessment Regulations, 2018.
  • Compliance documentation as per the "Electronics and Information Technology Goods (Requirements for Compulsory Registration) Order, 2021".

These documents collectively ensure that CCTV systems meet the mandated security requirements and undergo rigorous testing and verification processes.

Normal testing duration

The total estimated duration for completing the Essential Requirement (ER) test will be approximately 2 to 3 weeks, depending on the documentation and inputs provided by the client.

Please ensure that all necessary documents are submitted on time to avoid any delays in the process.

Enquire Now

Enquire Now

×
Home
Whatsapp
Our Services
Contact Us
Call Us

Our Services