|
exida is successfully applying proven tools and methodologies from the more mature functional safety certification program to independently verify a product’s security protection. The result is Integrity Certification™, the only product certification that evaluates safety, security and reliability. Integrity Certification provides plant operators with third-party validation and helps reduce the complexity of product selection and deployment. For equipment manufacturers, Integrity Certification provides a way to demonstrate that their product meets or exceeds their customers’ safety, security and reliability requirements. It also represents an important opportunity for competitive differentiation.
A Functional Security Assessment detects errors or omissions in the security functionality of a product when audited against requirements for its target security level. Currently, there are no standards that define the security requirements and security assurance levels for industrial automation and control system products. Such standards are under development by ISA, IEC, WIB and other standards organizations. In the meantime, it is possible to evaluate a product against requirements derived from more general control system security standards such as ISA 99.01.01 or general IT security standards such as NIST 800-53, ISO/IEC 15408 or ISO/IEC 27001 & 27002. A Development Lifecycle Assessment detects and avoids systematic design faults. The vendor’s software development and maintenance processes are audited against the security equivalent of IEC 61508, ensuring the organization follows a robust software development process. |
||||||
| ||||||
|
Network Robustness Testing is based on Wurldtech’s industry-leading Achilles Certification Program. Achilles Level I Certification identifies vulnerabilities in Ethernet-enabled industrial components, assuring the security, reliability, and robustness of an implementation of OSI layers 2 through 4, including Ethernet, ARP, IP, ICMP, TCP and UDP. A component must pass each of the over 30 million individual tests to achieve Achilles Level I Certification, with Pass/Fail criteria being specified in terms of key component functionalities, such as continuity of process control.
