ISASecure® Certification benefits

Reading time: 5 minutes - Difficulty: medium
The certification issued by an ISASecure® Accredited Certification Body is the highest global recognition for cyber security-related products and demonstrates that the applicable ISA/IEC 62443 requirements have been met throughout the whole lifecycle.

Why obtain the ISASecure® Certification

The benefits of ISASecure® certification are many. In particular, it:

  • Establishes a higher level of trust
  • Improves product security
  • Establishes company policy for the use of ISA/IEC 62443
  • Updates product development processes to comply with IEC 62443
  • Proves a proactive approach to achieve competence in cyber security
  • Improves product sales via the use of the globally recognized ISASecure® Certification

 

The primary benefit of third-party conformity certification is that it establishes trust between asset owners, product suppliers, and service providers. Indeed, the independence and capability of an accredited third-party assessor provide a higher level of trust.

In addition, the certification improves the safety, integrity, availability, and confidentiality of the Industrial Automation Control System (IACS) using a risk-based, methodical and complete process throughout the entire lifecycle, including the secure design, implementation, and validation of the system.

 

Further information:

 

The combination of technology with sufficiently trained people and work processes ensures the safety, integrity, availability, and confidentiality of a control system. Therefore, all this makes the system less vulnerable to cyber attacks.

The certification assessment also helps decrease the time, cost, and risk of developing control systems by establishing a collaborative program between asset owners, product suppliers, and service providers.

In this way, the development of industry standards, in general, can accelerate by certifying control systems that meet a common set of requirements as proof of major product security according to the IEC 62443 international standards.

Lastly, the certification supports a proactive approach to achieve competence in cyber security, which is a very important point in favor of product suppliers.

For all these reasons, ISASecure® Certification improves product security and consequently improves product sales thanks to the use of the certification in product marketing.

 

What products can be certified

Product suppliers can certify various types of IACS systems and components identified by the reference standard IEC 62443:

  • IACS components, such as embedded device, host device, network device, software application
  • IACS system/control system consists of a set of IACS components
  • Automation solution combining IACS systems and components
  • Industrial Automation and Control System (IACS) including the automation solution and the policies for its maintenance

 

Types of ISASecure® certificate

The ISASecure® Certification scheme covers 3 types of certificates. For all of these, it must be conducted conformity assessment with the aim of evaluating the procedures that describe the product, identifying the applicable requirements, and providing the methodology to assess that IEC 62443 standards have been met.

The types of certificates are:

  • ISASecure Security Development Lifecycle Assurance (SDLA) according to IEC 62443-4-1
  • ISASecure System Security Assurance (SSA) according to IEC 62443-3-3
  • ISASecure Component Security Assurance (CSA) according to IEC 62443-4-2

 

It is mandatory to obtain the SDLA certificate before applying for either SSA or CSA certificates.

A certificate lasts 3 years and can be extended once the product supplier passes a recertification audit.

Do you want to learn more about Industrial Cyber Security?

What does HARA mean for ISO 26262?

The HARA method The HARA method aims at identifying and categorizing hazardous events of items, and also at specifying safety goals according to ISO 26262 and ASILs (Automotive Safety Integrity Levels) related to the prevention or mitigation of the associated hazards in order to avoid unreasonable risk. This means that the combination of a hazard […]

Read more

A brief introduction to ISO 26262

ISO 26262 Standard Application It covers the implementation of functional safety through electrical and/or electronic (E/E) systems, and presents a specific lifecycle for items used in the automotive sector. Thus, it provides a reference for the automotive safety life cycle and supports the adaptation of activities to be performed during the lifecycle phases, i.e. development, […]

Read more
Byhon Logo bianco

Subscribe to our newsletter to stay up to date on Functional Safety and Industrial Cyber Security news and events

ISCRIVITI
close-link
Send this to a friend