Certification for Components and Systems

According to IEC 17065 and IEC 17025 standards

BYHON - OT Cyber Security Certification

Certification for Automation Solutions

Conformity of a system or component with the requirements of the IEC 62443 standard

BYHON - Statement of Compliance with the Standards of OT Cyber Security

IEC 62443, ISASecure® Certification Process

BYHON is a certification body and accredited laboratory, according to IEC 17065 and IEC 17025 standards, that implements ISASecure® certification processes and provides conformity assessments aimed at certifying Industrial Cybersecurity according to the IEC 62443 standard through the ISASecure® scheme with license number ISCI-CL0005.

All ISASecure® certification options based on product type:

  • SDLA Security Development Lifecycle Assurance Certification, process certification (mandatory to proceed with product certifications)
  • SSA System Security Assurance Certification, system certification
  • CSA or ICSA Component Security Assurance Certification and IIoT Component Security Assurance Certification, component or IIoT component certification
  • ACCSA Automation and Control Systems Security Assurance Certification, certification of installed automation solutions

Alternative low-impact solutions

  • IEC 62443 Conformity Assessment for Components and Systems, alternative to SSA, CSA, ICSA

Make the right choice. Obtain an excellence certification quickly.

Phases for ISASecure® Certification

Watch the video explaining the technical scheme and how to obtain the ISASecure® certificate.

Why choose BYHON

BYHON: Over 20 years of operational experience

Fast response and action times

BYHON: Pool of functional safety specialists

Streamlined processes at every stage of work

A team of assessors always by your side

When does OT Cyber Security certification apply?

[Figure: ISASecure certification scheme. Diagram of the relationships between the IACS Asset Owner, IACS System Integrator, IACS Product Supplier, Certification Body (ISO 17065, 17025), ISA Security Compliance Institute, and Accreditation Body (ISO 17011). Legend: IACS supply chain, certification flow, accreditation.]

Industrial Cyber Security is the part of the overall security of an Industrial Automation and Control System (IACS) that depends on the proper security development lifecycle used by product suppliers, where products include DCS and SCADA systems, and components such as embedded devices and software applications.

IEC 62443 is the international standard for the security of industrial automation and control systems. It was developed to protect industry and make data sharing and system operations safe and reliable, reducing the risk of cyber threats, equipment failures, production downtime, unexpected costs, and profit loss.

IACS stands for Industrial Automation and Control System, also known as ICS (Industrial Control System). In a broader sense, IACS is synonymous with OT (Operational Technology), as it refers to technology that interfaces with an operational process. Examples of IACS include industrial devices such as PLCs, HMIs, and SCADA systems.

The IACS Security Lifecycle is the security lifecycle of an IACS: the set of phases that must be carried out in order for IACS protection to comply with the Cyber Security requirements defined by the IEC standard. The phases of the IACS Security Lifecycle are Assess, Implement, and Maintain.

The CSMS (Cyber Security Management System) represents the set of practices and actions aimed at identifying cyber risks and defining the most appropriate countermeasures.

The Assess Phase consists of a set of activities aimed at identifying high-level risks and analyzing vulnerabilities and low-level risks. It includes Risk Assessment, Vulnerability Assessment, Penetration Test, Threat Modeling, and Security Level Allocation. This phase ends with the allocation of the minimum Cyber Security requirements required for each component of the IACS system.

During the Implement Phase, companies wishing to protect themselves from cyberattacks define the entire CSMS (Cyber Security Management System) and adopt procedures and strategies aimed at preventing cyberattacks and protecting their industrial control systems. Key activities include Defense Strategy, CSMS, and Security Level Verification.

Cyber Security is a process that needs to be constantly monitored and periodically implemented through maintenance activities related to the security level of industrial plants. The Maintain Phase is therefore dedicated to preserving security performance over time and includes activities such as Auditing and Follow-up.
