UL is transitioning to a new email policy as part of our commitment to your digital security and privacy. Please confirm your wish to continue to receive periodic emails from UL containing best practices, education, industry research, news, updates and promotions related to UL’s products and services by clicking CONFIRM.
UL Cybersecurity Assurance Program (UL CAP) for Appliances, HVAC & Lighting (AHL) uses the new UL 2900-1 standard to offer testable cybersecurity criteria to assess software vulnerabilities and weaknesses, minimize exploitation, address known malware, review security controls and increase security awareness.
The Internet of Things (IoT), is enabling more sophisticated capabilities through network-connected products and systems. As a result, residential and commercial products are becoming more interconnected and networkable. According to many recent industry reports and the U.S. government, there have been significant increases in attacks that penetrate connected networks. This activity has highlighted that cybersecurity of software is becoming critically important for the safety, privacy and performance of these networked systems. Verifying against known vulnerabilities and exploitable weaknesses in software can help prevent systems from becoming susceptible to cyber attacks.
With our extensive expertise in software, hardware and interoperability, UL can help mitigate these concerns for manufacturers, vendors and their customers through our UL Cybersecurity Assurance Program (UL CAP) that utilizes the new UL 2900-1 standard for AHL products and systems.
UL CAP offers trusted third party support with the ability to evaluate both the security of network-connectable products and systems as well as the vendor processes for developing and maintaining products and systems with a security focus. The program allows vendors to concentrate on product innovation with emerging technologies and capabilities to meet the ongoing needs of the marketplace.
For increased flexibility, vendors can select the UL CAP services for AHL products and systems best suited for their current needs:
- Testing security criteria based on UL 2900-1 cybersecurity standard or specified requirements
- Testing leading to certification based on UL 2900-1 cybersecurity standard
- Evaluation and risk assessment of vendor processes for developing and maintaining AHL products and systems
- Advisory/ Training in security readiness for product design and sourcing third party components
Why Choose UL CAP for Appliances, HVAC & Lighting
Everything UL does focuses on reducing the risks of product developers and manufacturers. UL does this by establishing industry standards and providing independent testing, support and certification. The UL CAP was developed with input from major stakeholders representing the U.S. Federal government, academia and industry to elevate the security measures deployed in the critical infrastructure supply chain. In fact, the UL CAP services and software security efforts are recognized within the U.S. White House Cybersecurity National Action Plan (CNAP) as a way to test and certify network-connectable devices within the IoT supply chain.
Early adoption of the UL CAP provides a competitive advantage by differentiation in the marketplace and can help mitigate risk due to potential consequences of a cyberattack including:
- Unplanned downtime and loss of production
- Costly harm to assets
- Reputational damage
As a third-party provider we reinforce a customer’s objective commitment to safety excellence, helping build buyer confidence through UL certification on products and systems.
Appliances, HVAC & Lighting Product Evaluation Deliverables
|Certification||Certificate of compliance to UL 2900-1 indicating UL 2900 compliant|
|Testing||Test report based on some or all of UL 2900-1 requirements or customer specified requirements|