Chwilio Deddfwriaeth

Chwiliad Uwch

The Product Security and Telecommunications Infrastructure (Security Requirements for Relevant Connectable Products) Regulations 2023

Draft Legislation:

This is a draft item of legislation. This draft has since been made as a UK Statutory Instrument: The Product Security and Telecommunications Infrastructure (Security Requirements for Relevant Connectable Products) Regulations 2023 No. 1007

Interpretation

This adran has no associated Memorandwm Esboniadol

2.—(1) In these Regulations—

defined support period” means the minimum length of time, expressed as a period of time with an end date, for which security updates will be provided;

ETSI EN 303 645” means the European Standard on Cyber Security for Consumer Internet of Things: Baseline Requirements (ETSI EN 303 645 V2.1.1 (19th June 2020))(1);

hardware” means a physical electronic information system, or parts thereof, capable of processing, storing or transmitting digital data;

ISO/IEC 29147” means the ISO/IEC 29147:2018 Information technology - Security techniques - Vulnerability disclosure standard (2nd edition, 2018)(2);

manufacturer’s intended purpose” means the use for which the product is intended according to the data provided by the manufacturer, including on the label, in the instructions for use, or in promotional or sales materials or statements;

security update” means a software update that protects or enhances the security of a product, including a software update that addresses security issues which have been discovered by or reported to the manufacturer.

(2) References in these Regulations to sections, except where otherwise specified, are to sections of the Product Security and Telecommunications Infrastructure Act 2022.

(1)

The European Standard on Cyber Security for Consumer Internet of Things: Baseline Requirements (ETSI EN 303 645 V2.1.1 (19th June 2020)) is the standard set by the European Telecommunications Standards Institute for standardisation of Cyber Security for Consumer Internet of Things Products. The standard is available free of charge at https://www.etsi.org/deliver/etsi_en/303600_303699/303645/02.01.01_60/en_303645v020101p.pdf. A copy can also be inspected free of charge by appointment by contacting the Office for Product Safety and Standards at Stanton Avenue, Teddington, Middlesex, TW11 0JZ or by email at OPSS.enquiries@beis.gov.uk.

(2)

The ISO/IEC 29147:2018 Information technology - Security techniques - Vulnerability disclosure standard (2nd edition, 2018) is the standard set by the International Organization for standardisation, among other things, for vulnerability disclosure. A copy can be inspected free of charge by appointment by contacting the Office for Product Safety and Standards at Stanton Avenue, Teddington, Middlesex, TW11 0JZ or by email at OPSS.enquiries@beis.gov.uk.

Yn ôl i’r brig

Options/Help

Print Options

Close

Mae deddfwriaeth ar gael mewn fersiynau gwahanol:

Y Diweddaraf sydd Ar Gael (diwygiedig):Y fersiwn ddiweddaraf sydd ar gael o’r ddeddfwriaeth yn cynnwys newidiadau a wnaed gan ddeddfwriaeth ddilynol ac wedi eu gweithredu gan ein tîm golygyddol. Gellir gweld y newidiadau nad ydym wedi eu gweithredu i’r testun eto yn yr ardal ‘Newidiadau i Ddeddfwriaeth’.

Gwreiddiol (Fel y’i Deddfwyd neu y’i Gwnaed): Mae'r wreiddiol fersiwn y ddeddfwriaeth fel ag yr oedd pan gafodd ei deddfu neu eu gwneud. Ni wnaed unrhyw newidiadau i’r testun.

Close

Dewisiadau Agor

Dewisiadau gwahanol i agor deddfwriaeth er mwyn gweld rhagor o gynnwys ar y sgrin ar yr un pryd

Close

Memorandwm Esboniadol Drafft

Mae Memorandwm Esboniadol Drafft yn nodi datganiad byr o ddiben Offeryn Statudol Drafft ac yn rhoi gwybodaeth am ei amcan polisi a goblygiadau polisi. Eu nod yw gwneud yr Offeryn Statudol Drafft yn hygyrch i ddarllenwyr nad oes ganddynt gymhwyster cyfreithiol, ac maent yn cyd-fynd ag unrhyw Offeryn Statudol neu Offeryn Statudol Drafft a gyflwynwyd yn fanwl gerbron y Senedd o Fehefin 2004 ymlaen.

Close

Rhagor o Adnoddau

Gallwch wneud defnydd o ddogfennau atodol hanfodol a gwybodaeth ar gyfer yr eitem ddeddfwriaeth o’r tab hwn. Yn ddibynnol ar yr eitem ddeddfwriaeth sydd i’w gweld, gallai hyn gynnwys:

  • y PDF print gwreiddiol y fel deddfwyd fersiwn a ddefnyddiwyd am y copi print
  • rhestr o newidiadau a wnaed gan a/neu yn effeithio ar yr eitem hon o ddeddfwriaeth
  • manylion rhoi grym a newid cyffredinol
  • pob fformat o’r holl ddogfennau cysylltiedig
  • slipiau cywiro
  • dolenni i ddeddfwriaeth gysylltiedig ac adnoddau gwybodaeth eraill
Close

Asesiadau Effaith

Impact Assessments generally accompany all UK Government interventions of a regulatory nature that affect the private sector, civil society organisations and public services. They apply regardless of whether the regulation originates from a domestic or international source and can accompany primary (Acts etc) and secondary legislation (SIs). An Impact Assessment allows those with an interest in the policy area to understand:

  • Why the government is proposing to intervene;
  • The main options the government is considering, and which one is preferred;
  • How and to what extent new policies may impact on them; and,
  • The estimated costs and benefits of proposed measures.
Close

Rhagor o Adnoddau

Defnyddiwch y ddewislen hon i agor dogfennau hanfodol sy’n cyd-fynd â’r ddeddfwriaeth a gwybodaeth am yr eitem hon o ddeddfwriaeth. Gan ddibynnu ar yr eitem o ddeddfwriaeth sy’n cael ei gweld gall hyn gynnwys:

  • y PDF print gwreiddiol y fel gwnaed fersiwn a ddefnyddiwyd am y copi print
  • slipiau cywiro

liciwch ‘Gweld Mwy’ neu ddewis ‘Rhagor o Adnoddau’ am wybodaeth ychwanegol gan gynnwys

  • rhestr o newidiadau a wnaed gan a/neu yn effeithio ar yr eitem hon o ddeddfwriaeth
  • manylion rhoi grym a newid cyffredinol
  • pob fformat o’r holl ddogfennau cysylltiedig
  • dolenni i ddeddfwriaeth gysylltiedig ac adnoddau gwybodaeth eraill

The data on this page is available in the alternative data formats listed: