Cybersecurity of Connected Equipment

Cybersecurity of Industrial Control and Connected Systems

 

Individual devices, as well as entire systems, have evolved to include networking interconnectivity as well as cloud-based processes. This interconnectivity and remote access have evolved faster than security measures making them vulnerable to cybersecurity threats. Exploited vulnerabilities could lead to production interruptions, reduced quality, and financial ramifications of intellectual and physical property losses.

To address these threats, ISA99, in conjunction with IEC TC 65 WG 10, brought together cybersecurity experts from around the world to create a wholistic approach to reduce both current and future vulnerabilities via the creation of the ISA/IEC 62443 series of standards and technical reports.

The standards:

  • Define the entire stakeholder community to successfully apply the standards
  • Address the policies and procedures required in an effective security program
  • Define requirements and practices at the system level
  • Define security related technical requirements of the products and components

A critical piece to the effectiveness of the ISA/IEC 62443 series of standards is the certification of equipment. As a highly specialized and internationally recognized ISASecure® Certification Body, FM Approvals tests and certifies the conformance of industrial control systems, connected systems, and related components to the ISA/IEC 62443 standards.

The FM Approvals Cybersecurity Laboratory is operated by cybersecurity experts with hosted servers and specially designed test stations configured to efficiently evaluate multiple products simultaneously for compliance with ISA/IEC 62443.

Products tested and certified by FM Approvals for cybersecurity have designed-in security, have passed vulnerability identification testing, and are robust against cybersecurity attacks at the designated security level.

All systems and components that successfully attain FM Approvals' ISA/IEC 62443 certification will bear the FM Diamond, along with a specific security level designation, and be listed in the cybersecurity section of the Approval Guide.

FM Approvals has cybersecurity certification programs for;

  • Industrial Control Systems (ICS)
  • Physical devices with cloud-based processes (IoT)
  • Intelligent factory, building management systems, and safety and security systems (IIoT)

If your organization manufactures or is in search of ICS, IoT, or IIoT systems and components, please visit the Approval Guide and contact Patrick Byrne (Technical Team Manager, Electrical Systems).

Functional Safety (SIL)

Product manufacturers seeking cybersecurity certification, should also consider functional safety or SIL certification to the consensus-based international standard – IEC 61508. Pursuing cybersecurity and SIL certifications simultaneously can ensure that products or systems meet the highest standards of safety, which is especially important in the oil and gas, chemical processing, and manufacturing industries. This approach streamlines the development and testing processes, reduces costs, improves efficiency, and enhances the manufacturer's reputation for safety, security, and reliability.