My professional career has spanned twenty-plus years in the field of product development ensuring the security of the product is properly addressed throughout the development cycle:

Regulations

Cybersecurity regulations driven by EU, but also the governments in other regions of the world, define a set of requirements that have to be fulfilled by a manufacturer of internet connected products across majority of the markets. These requirements are related to the product security but also to the processes used to develop and maintain the product over their life time.

Having being involved in the ongoing work on the Radio Equipment Directive and Cyber Resilience Act related specifications at CENELEC and Connectivity Standards Alliance Product Security Certification Program, I can bring important insights that can help guide product development to improve security and achieve compliance with cybersecurity regulations.

Expertise

My expertise includes:

Patents

"Piotr Polak has filed for thirty patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office".

Standardization

I am a contributing member to the following standardization organizations.

Representing the national committee of The Netherlands: Normcommissie Cybersecurity Privacy, Normcommissie Industrieel meten, regelen en automatiseren (NEC 65).

JTC13 Cybersecurity and data protection

Tasked by EU Commission to develop security standards related to RED and CRA:

Radio Equipment Directive

TC65X Industrial-process measurement, control and automation

TC205 Home and building electronic systems (HBES)

Member of the Security Advisory Group and Product Security Working Group Steering Committee. Directly involved in the following security related standardization efforts.

IoT Product Security Certification ProgramVerified label

Ongoing effort to establish consumer IoT device security certification program with global reach covering requirements related to development process and device security addressing global regulations. The program is currently covering requirements defined by:

The scope of the program may be extended in the future to cover requirements defined by other standards or regulations, support different assurance levels or include products targeting professional market.

Zigbee Direct Zigbee

Zigbee Direct simplifies onboarding and control of Zigbee devices directly via Bluetooth Low Energy devices that are also capable of participating in a Zigbee network.

MatterZigbee

Matter is IP based protocol providing IoT devices with reliable and secure communication.

Enterprise security

Enabling enterprise security (IEEE 802.1x network access control) for LiFi and Power Line Communication, see the specifications and Annex D in:

For an overview of LiFi security see "ELIoT: enhancing LiFi for next-generation Internet of things" whitepaper.

Secure device onboarding framework

The Fairhair Alliance brought together lighting, building automation and IT companies to develop a secure device onboarding framework based on IP for lighting and building control in commercial buildings.