Discrete and Process Automation

Nine smart questions to ask when evaluating cybersecurity certification programs

17 June 2020

IEC-62443 is a series of standards developed by the ISA99 committee and adopted by the International Electrotechnical Commission (IEC) to secure industrial automation and control systems and provide a systematic and practical approach to cybersecurity for industrial systems. A white paper issued by the International Society of Automation (ISA) uses nine questions to guide companies through IEC-62443 implementation and the evaluation of cybersecurity certification programs.

How do I know if a product offering is secure enough for its intended use?

IEC 62443 standards define four levels of security capabilities. The asset owner can specify which security capability level is necessary for its intended use by performing a risk and threat analysis. IEC 62443 certified products represent a scalable layer of defense based on the required cybersecurity capability level, all while Source: ISASecureSource: ISASecurerequiring less complexity, overhead and maintenance than other solutions. End-users can request IEC 62443 conformity certification as a procurement requirement and specify the security capability level.

Which cybersecurity certification should I trust?

Choose a certification body (CB) that has earned an ISO/IEC 17065 CB accreditation and an ISO/IEC 17025 test lab accreditation from an ISO/IEC 17011 accreditation body, such as DAkkS, JAB or ANSI/ANAB. An ISO/IEC 17065 accreditation ensures that the CB is independent and free from conflicts of interest, and ISO/IEC 17025 accreditation ensures that the CB has well-defined and robust lab procedures ensuring consistent, credible test results.

Why do asset-owners trust ISASecure certifications for IEC 62443 compliance?

The ISASecure Certification Program was developed by cybersecurity experts, including end-users from the industry’s thought-leading companies, as the first standards-based program for control systems and the first to offer certifications for the IEC 62443 standards. It is the most referenced IEC 62443 control system certification scheme in the world.

Download the white paper to review the remaining six questions and learn more about ISASecure.

To contact the author of this article, email shimmelstein@globalspec.com


Powered by CR4, the Engineering Community

Discussion – 0 comments

By posting a comment you confirm that you have read and accept our Posting Rules and Terms of Use.
Engineering Newsletter Signup
Get the Engineering360
Stay up to date on:
Features the top stories, latest news, charts, insights and more on the end-to-end electronics value chain.
Advertisement
Weekly Newsletter
Get news, research, and analysis
on the Electronics industry in your
inbox every week - for FREE
Sign up for our FREE eNewsletter
Advertisement