NCCS

About NCCS

The Indian Telegraph (Amendment) Rules, 2017, provides that every telecom equipment must undergo mandatory testing and certification prior to sale, import or use in India. As per mandate of Department of Telecommunications, the Procedure for Mandatory Testing and Certification of Telecommunication Equipment (MTCTE) was formulated in October 2018. The Testing and Certification framework requires that the telecom equipment meets the essential requirements under (a)EMI/EMC (b)Safety (c)Technical requirements (d)other requirements and (e)Security requirements. The testing is carried out with the objective of ensuring that the equipment meets relevant national and international standards such that it is safe to use, the radio frequency emissions from it are within prescribed limits, it does not degrade the performance of the network to which it is connected and complies with national security requirements. The MTCTE scheme was launched on 01/10/2019 for some telecom network elements for certification of telecom equipment against Essential Requirements(ERs). DoT envisages to implement the mandatory testing and certification in respect of Security Requirements through a Scheme titled ‘Communication Security Certification Scheme’ (ComSeC).

National Centre for Communication Security (NCCS) - a Centre under Department of Telecommunications (DoT) – shall be responsible for implementation of this scheme. Government of India has established Security Assurance Standards Facility, covering an area of about 11,500sq.ft at Bangalore with an investment of about Rs.17 Crore for infrastructure including Laboratory, IT, IBS and climate control and another about Rs.8.5 Crore for testing tools to facilitate development of security standards and to function as a referral laboratory. The facility was inaugurated by Hon'ble Minister of Communications Sri. Manoj Sinha on 15th November 2018.

The Scheme

The ComSec Scheme is managed by the Scheme Controller. NCCS aims to meet the following objectives in operating and maintaining the ComSec scheme:

  • Development of country specific standards, processes and specifications.
  • Development of testing and certification eco-system.
  • Ensure that Telecom network elements meet security assurance requirements.
  • Ensure compliance of regulatory requirements pertaining to security testing

  • Scheme mainly comprises of three major activities:

 

Scope of Security Certification:

  • Development of country specific Security assurance standards called Indian Telecom Security Assurance Requirements (ITSAR) for every Telecom equipment
  • Designation of third party Telecom Security Test Laboratories (TSTL) meeting the specified requirements. The Designated TSTLs will be responsible for carrying out the security testing of telecom equipment as per ITSAR’s requirements
  • Evaluation and Certification of the telecom equipment against ITSAR by NCCS.
  • The scope of certification shall cover all types of telecom equipment to be sold in India and to be connected to Indian telecom network, once this scheme is launched, for the elements for which ITSAR is available and is in force (from a date to be notified separately). Any Original Equipment Manufacturer (OEM)/ importer/ dealer who wishes to sell, import, or use any telecom equipment in India, shall have to get their equipment security tested and certified. This may be implemented in a phased manner.

 

           List of ITSAR issued

 

           Amendment to the Communication Security Certification Scheme & Procedure for Security Certification of Telecom Equipment

          Meeting Notice for stakeholder inputs on draft ITSAR  for Aggregated 5G gNB (Option-3, 7 & 4)

          Revised Meeting Notice for seeking stakeholder inputs on the DFC (Draft For Comment) of ITSAR  for Aggregated 5G gNB (Option-2)

          Notice for seeking stakeholder inputs on the DFC (Draft For Comment) of ITSAR for Network Function Virtualization ( NFV)

           Notice for seeking stakeholder inputs on the DFC (Draft For Comment) of  ITSAR for Network Function Virtualization ( NFV)