In recent years, cybersecurity certification is gaining momentum as the baseline to build a structured approach to mitigate cybersecurity risks in the Internet of Things (IoT). This initiative is driven by industry, governmental institutions, and research communities, which have the goal to make IoT more secure for the end-users. In this survey, we analyze the current cybersecurity certification schemes, as well as the potential challenges to make them applicable for the IoT ecosystem. We also examine current efforts related to risk assessment and testing processes, which are widely recognized as the processes to build a cybersecurity certification framework. Our work provides a multidisciplinary perspective of a possible IoT cybersecurity certification framework by integrating research and technical tools and processes with policies and governance structures, which are analyzed against a set of identified challenges. This survey is intended to give a comprehensive overview of cybersecurity certification to facilitate the definition of a framework that fits in emerging scenarios, such as the IoT paradigm.

中文翻译：

---

物联网网络安全认证调查

近年来，网络安全认证作为建立结构化方法以减轻物联网 (IoT) 中的网络安全风险的基准正在获得动力。该计划由行业、政府机构和研究团体推动，其目标是使物联网对最终用户更加安全。在本次调查中，我们分析了当前的网络安全认证计划，以及使其适用于物联网生态系统的潜在挑战。我们还研究了与风险评估和测试流程相关的当前工作，这些流程被广泛认为是构建网络安全认证框架的流程。我们的工作通过将研究和技术工具和流程与政策和治理结构相结合，提供了可能的物联网网络安全认证框架的多学科视角，并针对一系列已确定的挑战进行了分析。本调查旨在全面概述网络安全认证，以促进定义适合新兴场景的框架，例如物联网范式。