ISA Updates Industrial Cybersecurity Certifications

    Sept. 4, 2015

    New version of EDSA and SSA certification requirements to become effective Feb. 1 2016

    Danil Melekhin/iStock
    Danil Melekhin/iStock

    The ISA Security Compliance Institute, which manages the ISASecure industrial cybersecurity certification scheme for industrial automation and control systems (IACS), announced updates to certification requirements for the Embedded Device Security Assurance (EDSA) certification and System Security Assurance (SSA) certification.

    Changes impact ISASecure communication robustness tool (CRT) providers and technical readiness for ISASecure certification bodies (CB).

    ISASecure certifies to the international IEC 62443 series of IACS cybersecurity standards. Products are evaluated for conformance by independent labs accredited by JAB, ANSI/ANAB and, DaKKS. Lab accreditation requirements include ISO 17065, ISO 17025 and scheme-specific ISASecure requirements.

    The new EDSA and SSA industrial cybersecurity certification requirements are posted on www.isasecure.org  and are generally referred to as Version 2.  The new requirements are effective for any products submitted on or after Feb. 1 2016.

    READ ALSO: Honeywell Launches Digital Dashboard for Managing Industrial Cyber Security

    The EDSA and SSA requirements specifications on the website include documents that provide details and guidance on the transition to Version 2 (ISASecure-112 Transition Guidance to EDSA 2.0.0 and SSA 2.0.0) and related policies (ISASecure-113 Transition Policy to EDSA 2.0.0 and SSA 2.0.0) respectively.

    Updates include expanded requirements for vulnerability identification test (VIT) scans of products submitted for certification. In addition, the certification specification requirements documents have been simplified for use by industrial cybersecurity certification labs and suppliers. A key change includes references to a security development lifecycle assurance (SDLA) requirements document, which is used in both the EDSA v2 and SSA v2 certifications.

    Additional important changes to requirements are included in the transition and policy documents referenced above: ISASecure-112 Transition Guidance to EDSA 2.0.0 and SSA 2.0.0 and ISASecure-113 Transition Policy to EDSA 2.0.0 and SSA 2.0.0.

    Continue Reading

    Sponsored Recommendations

    Understand how TRICOR meters help optimize underbody protection in automotive production through accurate material delivery.
    Watch how precision flow monitoring enhances print quality and minimizes material waste in high-volume operations.
    Explore how flow meters support fuel efficiency and compliance in commercial marine operations.
    See how flow meters are used in environmental protection systems for accurate data and compliance.