CNCERT Acheron receives recognition as Communication Robustness Testing Test tool for use in the ISASecure® cybersecurity certification program
Research Triangle Park, North Carolina, USA (13 July 2017) – ISA Security Compliance Institute announced today that the Acheron Test tool, provided by CNCERT/CC & Beijing Xinlian Kehui Technology Co., has been formally recognized for official use by certification bodies in the ISASecure® control systems cybersecurity certification program.
Acheron is formally approved for use in both the ISASecure EDSA 2.0.0 and SSA 2.0.0 certifications.
Communication robustness testing (CRT) is one of four dimensions of the embedded device certification. CRT tools are also used for network stress testing during system level certifications.
The ISA Security Compliance Institute publishes CRT test tool recognition requirements used for evaluating CRT test tools submitted by suppliers for use in the IEC 62443 based ISASecure certification program. The ISASecure® tool recognition process confirms that the product’s test suites meet the ISASecure CRT requirements and are capable of consistently executing ISASecure certification tests.
ISCI recommends that suppliers use ISCI recognized CRT test tools during the product development and testing phases to identify and correct network-based security vulnerabilities. Using recognized CRT tools during the development process also aids suppliers in preparing for the formal ISASecure certifications.
The Acheron Test tool registration and certificate can be viewed on the ISA Security Compliance Institute (ISCI) web site (www.isasecure.org).
“The Acheron team was well-prepared for the recognition process and demonstrated a solid understanding of standards-based cybersecurity testing,” stated Andre Ristaino, ISCI Managing Director. “We are pleased to include Acheron to the growing list of ISCI-recognized CRT tools.”
The National Computer Network Emergency Response Technical Team/Coordination Center of China (known as CNCERT or CNCERT/CC) was founded in September 2002. It is a non-governmental non-profit cybersecurity technical center and the key coordination team for China’s cybersecurity emergency response community. As a national CERT, CNCERT strives to improve nation’s cybersecurity posture, and protect critical infrastructure cybersecurity. CNCERT leads efforts to prevent, detect, warn and coordinate the cybersecurity threats and incidents, according to the guideline of “proactive prevention, timely detection, prompt response and maximized recovery.”
CNCERT has branches and offices in 31 provinces, autonomous regions and municipalities across mainland China. As the key coordination organization of China’s cybersecurity emergency response system, CNCERT organizes enterprises, schools, non-governmental groups and research institutes that are specialized in cybersecurity and coordinates ISPs, domain name registrars and other emergency response organizations in a joint effort to build the cybersecurity emergency response system of China and handle major cyber security incidents.
As an important non-governmental organization to assist in the cross-border handling of cyber security incidents, CNCERT actively carries out international cooperation in cybersecurity and is committed to establishing a mechanism of prompt response and coordinated handling for cross-border cybersecurity incidents. CNCERT is a member of the world-renowned Forum of Incident Response and Security Teams (FIRST) and one of the founders of Asia Pacific Computer Emergency Response Team (APCERT). As of 2016, CNCERT has established “CNCERT International Cooperation Partnership” with 185 organizations in 69 nations and regions.
About the ISA Security Compliance Institute (ISCI)
Founded in 2007, the ISA Security Compliance Institute’s mission is to provide the highest level of assurance possible for the cyber security of industrial automation control systems (IACS).
The Institute was established by thought leaders from major organizations in the industrial automation controls community seeking to improve the cyber security posture of Critical Infrastructure for generations to come. ISCI Members include Chevron, ExxonMobil, Aramco Services, Honeywell, Invensys (now Schneider Electric), Yokogawa, exida, Codenomicon, CSSC, and IPA-Japan.
The Institute’s goals are realized through industry standards compliance programs, education, technical support, and improvements in suppliers’ development processes and users’ life cycle management practices. The ISASecure® designation ensures that IACS products conform to industry consensus cyber security standards such as IEC 62443, providing confidence to users of ISASecure products and systems and creating product differentiation for suppliers conforming to the ISASecure specification. www.isasecure.org
ISASecure® is a registered trademark of the ISA Security Compliance Institute.