Schneider Electric achieves industry-first ISASecure® Level Two Security Development Lifecycle Assurance certification
Research Triangle Park, North Carolina, USA (05 December 2017) – Schneider Electric, the leader in digital transformation of energy management and automation, announced today that its Calgary, Alberta and Lake Forest, California process automation product development centers have been certified by exida, a globally recognized ISO 17065 certification body.
Complementing exida's first certificate for Security Development Lifecycle Assurance (SDLA), awarded to three of Schneider Electric's product development centers in 2016, Schneider Electric is also the process automation industry's first company to receive an ISASecure SDLA Level Two compliance certification, awarded to its Calgary location (view certificates here).
Based on rigorous assessments during the product development lifecycle, ISASecure SDLA certifications validate that the Schneider Electric solutions developed at certified centers maintain robust security capabilities, even as the products are upgraded and maintained over their lifespans. The ISASecure SDLA certification specifications are set by the ISA Security Compliance Institute (ISCI) based upon the ISA/IEC 62443 international cybersecurity standards. ISCI is the leading not-for-profit automation controls industry consortium dedicated to accelerating industry-wide cybersecurity improvement for industrial automation and control systems (IACS).
Extending market leadership in cybersecurity certification
"Achieving the standards required for the ISASecure SDLA certification reflects Schneider Electric's commitment to setting industry benchmarks when it comes to securing industrial automation and control systems," said Andre Ristaino, managing director, ISCI. "By obtaining certification at two additional key development sites, Schneider Electric is better equipped to help its customers avoid vulnerabilities and ensure the integrity of machines and operations through an industry-leading product development process."
Five Schneider Electric development centers have now obtained SDLA certifications, with its Foxboro, Massachusetts; Worthing, U.K.; and Hyderabad, India, facilities being certified in May 2016. Since 2014, ISCI has also certified three Schneider Electric product solutions, including the company's Triconex™ Communication Module TCM, Field Device Controller FDC280 and Field Control Processor 280.
Driving real-time cybersecurity enhancements from connectivity
"These certified development sites and products demonstrate our commitment to cybersecurity in every phase of the product development lifecycle, and prove that Schneider Electric continues to lead the way when it comes to helping our customers confront their cybersecurity challenges," said Raja Macha, vice president, research and development, Process Automation, Schneider Electric. "Even though rapidly increasing levels of connectivity between assets and people are making our customers' operations more vulnerable, our value-focused, secure IIoT products, complemented with robust cybersecurity services, enable them to control their safety and security risks so they can take advantage of all that connectivity.
"It's another example of how we help our customers drive measureable improvements to their operations, safely and in real time, so they can convert their process automation investments into the profit engine of their business."
For more information about the ISCI SDLA certifications, please visit: http://isasecure.org/en-US/Certification/IEC-62443-SDLA-Certification
About Schneider Electric
Schneider Electric is leading the Digital Transformation of Energy Management and Automation in Homes, Buildings, Data Centers, Infrastructure and Industries. With global presence in over 100 countries, Schneider is the undisputable leader in Power Management - Medium Voltage, Low Voltage and Secure Power, and in Automation Systems. We provide integrated efficiency solutions, combining energy, automation and software. In our global Ecosystem, we collaborate with the largest Partner, Integrator and Developer Community on our Open Platform to deliver real-time control and operational efficiency. We believe that great people and partners make Schneider a great company and that our commitment to Innovation, Diversity and Sustainability ensures that Life Is On everywhere, for everyone and at every moment.
Follow us on*:
Hashtags: #security #securitycertification #automation #cybersecurity #ISASecure
exida is a certification and research firm specializing in safety critical/high availability automation systems, control system cybersecurity, and alarm management. exida has performed more process control safety certifications than any other company worldwide. exida’s main offices are located in Sellersville, PA, USA and Munich, Germany and has worldwide operations with service centers in Brazil, Canada, Mexico, Netherlands, and New Zealand, Singapore, Japan, South Africa, and the United Kingdom.
About ISA Security Compliance Institute (ISCI)
Founded in 2007, the ISA Security Compliance Institute's mission is to provide the highest level of assurance possible for the cyber security of industrial automation control systems (IACS).
The Institute was established by thought leaders from major organizations in the industrial automation controls community seeking to improve the cyber security posture of Critical Infrastructure for generations to come. ISCI Members include Chevron, ExxonMobil, Aramco Services, Honeywell, Invensys (now Schneider Electric), Yokogawa, exida, Codenomicon, CSSC, and IPA-Japan.
The Institute's goals are realized through industry standards compliance programs, education, technical support, and improvements in suppliers' development processes and users' life cycle management practices. The ISASecure® designation ensures that IACS products conform to industry consensus cyber security standards such as IEC 62443, providing confidence to users of ISASecure products and systems and creating product differentiation for suppliers conforming to the ISASecure specification. www.isasecure.org
ISASecure® is a registered trademark of the ISA Security Compliance Institute.