An unprecedented number of security vulnerabilities have been exposed in industrial control products and regulatory agencies are demanding compliance to complex and confusing regulations. There are well established strategies and techniques that automation professionals can employ to discover and mitigate security vulnerabilities and improve the inherent security of their products and systems. Learning and adopting these strategies will help companies stay ahead of potential vulnerabilities.
IEC 62443 is a series of standards, technical reports, and related information that define procedures for implementing electronically secure Industrial Automation and Control Systems (IACS). This guidance applies to end-users (i.e. asset owner), system integrators, security practitioners, and control systems manufacturers responsible for manufacturing, designing, implementing, or managing industrial automation and control systems.
exida has comprehensive knowledge of the IEC 62443 standards and have developed a robust certification scheme that helps make their client's products safer and enjoy strong market recognition.
exida has been accredited by the ISA Security Compliance Institute to offer security certification of automation products per the ISASecureEmbedded Device Security Assurance program.
This vetted, approved compliance specification provides a holistic assessment of the functional security of an embedded device that builds upon but goes well beyond industry recognized network robustness testing. In addition to network robustness testing the assessment includes an evaluation of the security features and functions supported by the device and an audit of the supplier’s software development practices. Similar to the well-established IEC 61508 functional safety certification, the ISASecure EDSA program will certify a product to one of three capability levels (ISASecure Level 1, 2 or 3).
For more information on the program please visit www.isasecure.org.