10262020Mon
Last updateSat, 12 Sep 2020 12pm

ISA Introduces an Overview of the ISA/IEC 62443 Series: New Guide to Cybersecurity Standards

The International Society of Automation (ISA) and the ISA Global Cybersecurity Alliance have released a new guide to the world’s only consensus-based automation cybersecurity standards. “Quick Start Guide: An Overview of the ISA/IEC 62443 Series of Standards,” now available for download at isa.org/cyberguide, provides a high-level view of the objectives and benefits of these standards—as well as easy-to-use explainers on how to navigate them. The guide explores how and why IT and OT/ICS need unique types of protection against cyber threats and offers the latest recommendations on patch management. This new guide answers some of the most common questions about the ISA/IEC 62443 Standards, including:

Why is this series of standards important? What are the benefits of using the standards?
How are IT and ICS systems different?
Which documents are part of the series and how can I use them to find what I need?
Where can I find the current best practices around patch management?
The ISA Global Cybersecurity Alliance’s Advocacy and Adoption work group coordinated the development of the guide, which was authored by Johan Nye. Nye is an independent consultant specializing in industrial control systems and cybersecurity. During his career spanning more than 38 years, Nye has designed ICS system architectures, created company standards and policies, implemented major ICS projects, supported ICS site engineers, and contributed to the design of several ICS products.

“Automation cybersecurity standards are crucial in this increasingly connected world,” says Mary Ramsey, ISA executive director. “The ISA/IEC 62443 Series of Standards leads the way as the world’s only consensus-based standards that focus on automation cybersecurity. One goal of the ISA Global Cybersecurity Alliance is to raise awareness of these standards and encourage their adoption across a wide range of industries. We are grateful to the ISAGCA Advocacy and Adoption work group and Johan Nye for distilling these standards into a user-friendly format that can be shared widely.”


Exida Introduces ISA-18.2 / IEC 62682 Alarm Management Certificate Program

The global leader in functional safety, cybersecurity, and alarm management for the process industries, exida, has introduced their Alarm Management Practitioner (AMP) Program, a new certificate program that complements the company’s existing functional safety and ICS cybersecurity certificate programs.

The AMP Program is designed to teach end users, integrators, suppliers, and regulators how to realistically apply the most important concepts from the ISA-18.2 and IEC 62682 alarm management standards. The program was developed by exida experts who were instrumental in writing the ISA-18.2 standard and associated technical reports. It leverages exida’s experience from hundreds of alarm management projects to deliver the most important principles and the keys for success.

The AMP program will be offered in conjunction with the exida Academy Training course ALM 101: Introduction to Alarm Management Practices & Principles, which is offered generically or for specific control systems.

“exida’s AMP Program was developed to share what the ISA-18.2 and IEC 62682 really mean and how to apply them pragmatically,” said Todd Stauffer, exida Director of Alarm Management and voting member ISA-18.2. “Taking the course and completing the certificate demonstrates that the practitioner is prepared to support key alarm management activities, such as alarm philosophy development, alarm rationalization, and alarm issue remediation.”

A list of AMP certificate holders will be maintained on the exida website.

Sneakers

Rockwell Automation Expands Machinery Safety System Integrator Program

Many manufacturers rely on system integrators to design and install compliant machinery safety solutions, but they often struggle to find the most capable provider. To help ease that process, Rockwell Automation continues to expand its global Machinery Safety System Integrator program. Three new members have joined in the first half of 2016, bringing the total number to 26.

“We created this program in 2014 to connect manufacturers with safety system integrators they can trust,” said Mark Eitzman, manager of safety market development, Rockwell Automation. “It’s become a valuable resource for manufacturers because we do the vetting for them. We make sure the integrators thoroughly understand current safety standards and know how to apply safety technologies in a way that also improves plant productivity.”

To be eligible, candidates must be current Rockwell Automation Solution Partners or Recognized System Integrators with three to five years of machine safety experience. They must complete an intensive education and assessment process, but Rockwell Automation also recognizes third-party certification from industry-accepted organizations, such as TÜV or exida.

After meeting these initial requirements, each candidate’s safety engineers complete training modules on topics such as global safety standards, safety risk assessment practices, and safeguarding mitigation and validation. Finally, each candidate must submit a machinery safety project that is consistent with global standards.

The three new members of the program include:

  • Automation Electronics Group and Systems (AEG Systems), a Rockwell Automation Recognized System Integrator based in Mexico, specializes in customized process, motion and MES applications for clients around the world.
  • RT Engineering, a Rockwell Automation Recognized System Integrator located in Franklin, Massachusetts, provides custom controls and automation solutions for customers in the medical, pharmaceutical and metals industries.
  • SINCI, a Rockwell Automation Solution Partner located in Guadalajara, Mexico, specializes in control, process and information applications for customers in food and beverage, metals, mining and utilities.

NIKE AIR JORDAN

Siemens gets TUV Certification in the development process Automation products

As the first company to receive TÜV SÜD certification based on IEC 62443-4-1 for the interdisciplinary process of developing Siemens automation and drive products, including industrial software, Siemens received the certification at seven development sites in Germany. Among other things, these sites are developing Simatic S7 industrial controllers, Simatic industrial PCs, Simatic HMI (Human Machine Systems Interface) devices for operator control and monitoring, and Sinamics drives as well as the TIA (Totally Integrated Automation) Portal engineering software. The international series of standards IEC 62443 defines the security measures for industrial automation systems, with Part 4-1 of the standard describing the requirements of the manufacturer's development process.
The TÜV SÜD certificate is based on the standard IEC 62443-4-1 (Secure Product Development Lifecycle Requirements, Draft 3 Edition 10, 01.2016). This standard includes security-relevant requirements such as capabilities and expertise, security of third-party components, process and quality assurance, secure architecture and design, and issue handling as well as security updates, patches and change management.

As a leading automation and software supplier for industry, Siemens is continuously improving its products and solutions with regard to industrial security. This also includes the certification based on IEC 62443-4-1. With this achievement, the company is documenting its "Security by Design" approach for automation products and is giving integrators and operators a transparent insight into the IT security measures. Integrators and operators use this for the conception and operation of automation processes and systems using Siemens technology and the "Defense in Depth" protection concept.

To ensure comprehensive protection of industrial plants from internal and external cyber attacks, all levels must be protected simultaneously – ranging from the plant management level to the field level and from access control to copy protection. This is why our approach to comprehensive protection offers defense throughout all levels – "defense in depth". This concept is according to the recommendations of ISA99 / IEC 62443 – the leading standard for security in industrial applications.

Off White X Max 98

Exida presents Safety Award for Automation Cybersecurity Development to Schneider Electric

Mike Medoff, exida senior safety engineer presented the 2015 exida Safety Award in the Cybersecurity Category to Schneider Electric recognizing their Process Automation Cybersecurity Development Process. The presentation was delivered at Connect 2016, Schneider Electric’s Automation Conference on May 24, 2016 in New Orleans, LA.

The exida Safety Awards is an annual program that honors exida certified products/processes that best demonstrate new and innovative work, and that have the ability to play a key role in the continuous journey of making the world a safer place.

Running Shoes & Gear