Introduction

The P01 Procedure for CCTV Testing, Evaluation, and Certification establishes a standardized framework for assessing the safety, performance, and compliance of Closed-Circuit Television (CCTV) systems. With the increasing reliance on surveillance technologies for security, it is essential to ensure that CCTV equipment meets defined technical and regulatory standards before being deployed in critical environments.
This procedure outlines the comprehensive testing methodology, documentation requirements, and evaluation criteria necessary for certifying various components of CCTV systems, including cameras, DVRs, NVRs, and associated devices. The objective is to verify that the equipment adheres to national and international quality benchmarks related to electrical safety, electromagnetic compatibility (EMC), environmental endurance, functional performance, and cybersecurity.

IoT System Certification Scheme (IoTSCS) is operated by STQC Directorate, Ministry of Electronics and Information Technology (MeitY), Govt. of India. Under supervision of CB, the Testing Laboratories perform Testing of CCTV Cameras against the Essential Requirements mentioned in Gadget Notification dated 6 Match, 2024 issued by MeitY.

The purpose of this document is to define the methodology to verify the compliance of claims made by CCTV developer/manufacturer with respect to Essential Requirements mentioned in Gadget Notification dated 6 Match, 2024 issued by MeitY.

The key objective is that the CCTV Cameras shall comply with the requirements as specified in the Essential Requirements mentioned in Gadget Notification dated 6 Match, 2024 issued by MeitY. CCTV developer/manufacturer vendor may implement TEE on Single chip (i.e. Micro Controller, Micro Chip, Secure Processor, Secure Chip etc.) or set of chips on single PCB.

The CCTV Developer/Manufacturer shall identify the entities in its supply chain for design manufacturing, quality assurance and supply of chips through an entity relationship diagram highlighting the role and relationship and details of various critical entities. The number of entities could be different for different technical architectures and business models. In some cases, these entities are different specialist contractors or expert agencies and in other cases, a single agency may perform all the operations. Broadly, these specialist contractors cover different entities of the life cycle stages of concept, design & development, production, utilization, support, retirement.
The security controls exercise by CCTV Developer/Manufacturer should be as per Essential Requirements – Technical specification. Detail artefacts, demonstrating compliance, declarations etc. shall be submitted to STQC in the form of Technical Construction File (TCF).

1. CCTV Developer/Manufacturer to study Gadget Notification dated 6 Match, 2024 issued by MeitY to meets the requirements of Essential Requirements (Annexure A).

2. CCTV Developer/Manufacturer should prepare a detailed technical solution architecture demonstrating capability of CCTV Camera with Essential Requirements mentioned in Gadget Notification dated 6 Match, 2024 issued by MeitY.

3. Certification Body will evaluate document submitted and if found prima facie worthy of the proposed TCF, may schedule detailed technical review with presentation and discussion to explain architecture and its merit.

4. The CCTV Developer/Manufacturer should prepare themselves by developing secure-boot code, secure-update support, crypto library, test cases and required artifacts as defined in the Annexure A. Ensure to follow a secure engineering process to create the CCTV Camera.

5. CCTV Developer/Manufacturer shall prepare device design guidelines/instructions and provide necessary tools to be used by the device provider and this list should be part of TCF. (like tool to load device Firmware, IDE, guidelines to use Tamper protection etc)

6. CCTV Developer/Manufacturer applies to STQC for CCTV certification by submitting application and technical construction file (TCF). The contents of technical construction file should at least consists of
a) The artifacts defined in the Essential Requirements
b) Artifacts to be used for test cases for verification and validation purpose. (Engineering board, demo board etc)

7. CB may allocate the application number under the scheme and same will be communicated to Test Laboratory.
a) Based on application number, CCTV Developer/Manufacturer shall contact Test Laboratory for proposal, SRF, submission of charges and test samples.
b) Test laboratory shall evaluate the CCTV Cameras based on TCF submitted, Vendor shall provide necessary support as and when required by Test Laboratory.
c) CCTV Developer/Manufacturer should demonstrate testing and validation as defined under the demonstration section of the Essential Requirements.
d) Laboratory will submit the final test report including TCF review report to CB
e) Laboratory will also submit final TCF (if any change) for the TCF submitted by CCTV Developer/Manufacturer as per Essential Requirements.

8. The Certification body will appoint Assessor for this evaluation. They will be continuously associated with this evaluation on behalf of Certification body to oversee the evaluation

Certification committee evaluates compliances in holistic way and integrates information from all channels stated above. Based on compliances along with Certification Committee recommendation, certificate of approval is issued to CCTV Developer/Manufacturer.
The validity of the certificate will be issued for three years from date of issue subjected to surveillance audit.