STQC Certification Solution

The Mandatory Shift

As of March 6, 2024, the Ministry of Electronics and Information Technology (MeitY) issued a Gazette Notification making STQC Security Certification mandatory for all CCTV cameras sold in India. This mandate transforms security from an optional "feature" into a fundamental requirement for market access; without this certification, manufacturers are legally prohibited from selling their products in India.

The "Hardware Security Hurdle"
The STQC IoT System Certification Scheme (IoTSCS) is a rigorous process that evaluates the entire device architecture, including software, communication, and supply chain security. However, hardware security is now considered a core pillar of the evaluation. Manufacturers attempting to build these security features in-house face significant challenges:
  • Secure Key Isolation: Protecting cryptographic keys from the main application processor, which is often vulnerable to software attacks.
  • Physical Protection: Implementing countermeasures against side-channel attacks (SPA/DPA) and physical tampering.
  • High Risk of Failure: A "Do-It-Yourself" approach often leads to extended R&D cycles, high NRE costs, and a high risk of failing the STQC lab tests, which results in expensive redesigns.
The Solution: iMQ SQ7131S Secure Coprocessor

The sources recommend integrating a pre-certified secure coprocessor like the iMQ SQ7131S to offload the hardware security burden. This chip is described as the "key to STQC success" because it has already passed the rigorous hardware evaluations required.

Technical Advantages of the SQ7131S:
  • Asymmetric Cryptography: Supports ECC-P256/P384, ECDSA (Sign/Verify), and ECDH.
  • Symmetric Cryptography: FIPS-197 AES-128/256 (supporting ECB and GCM modes).
  • Hashing & Integrity: FIPS 180-4 SHA-256 and FIPS 198-1 HMAC.
  • True Randomness: NIST ESV certified True Random Number Generator (TRNG).
  • Secure Storage: 5.6KB of chip-dependent encrypted storage for X.509 certificates and sensitive keys.
  • 128-bit Unique UID.
  • NIST CAVP : DRBG, AES, SHA2, ECDSA and HMAC.
  • NIST ESV Certified and CMVP FIPS 140-3 Complied.
  • STQC Level 2 certified.
  • SESIP & PSA Level 3 certification ready.


Strategic Business Benefits
Integrating this certified foundation provides several business advantages:
  1. Accelerated Time-to-Market: It skips months of complex hardware security R&D.
  2. Optimized BOM Cost: It avoids the need for expensive, high-end SoCs that may lack certified security features.
  3. De-Risked Certification: It ensures a higher likelihood of first-pass success in STQC labs.
  4. Enhanced Brand Trust: Compliance acts as a differentiator for winning government tenders and building customer confidence.