IEC-62443 is a series of standards developed by the ISA99 committee and adopted by the International Electrotechnical Commission (IEC) to secure industrial automation and control systems and provide a systematic and practical approach to cybersecurity for industrial systems. A white paper issued by the International Society of Automation (ISA) uses nine questions to guide companies through IEC-62443 implementation and the evaluation of cybersecurity certification programs.
How do I know if a product offering is secure enough for its intended use?
IEC 62443 standards define four levels of security capabilities. The asset owner can specify which security capability level is necessary for its intended use by performing a risk and threat analysis. IEC 62443 certified products represent a scalable layer of defense based on the required cybersecurity capability level, all while requiring less complexity, overhead and maintenance than other solutions. End-users can request IEC 62443 conformity certification as a procurement requirement and specify the security capability level.
Which cybersecurity certification should I trust?
Choose a certification body (CB) that has earned an ISO/IEC 17065 CB accreditation and an ISO/IEC 17025 test lab accreditation from an ISO/IEC 17011 accreditation body, such as DAkkS, JAB or ANSI/ANAB. An ISO/IEC 17065 accreditation ensures that the CB is independent and free from conflicts of interest, and ISO/IEC 17025 accreditation ensures that the CB has well-defined and robust lab procedures ensuring consistent, credible test results.
Why do asset-owners trust ISASecure certifications for IEC 62443 compliance?
The ISASecure Certification Program was developed by cybersecurity experts, including end-users from the industry’s thought-leading companies, as the first standards-based program for control systems and the first to offer certifications for the IEC 62443 standards. It is the most referenced IEC 62443 control system certification scheme in the world.
Download the white paper to review the remaining six questions and learn more about ISASecure.