![Page 1: Let’s Get IEC 62443-4 Conformance Certification](https://reader030.vdocument.in/reader030/viewer/2022012520/61951349f66cc6289b1a1166/html5/thumbnails/1.jpg)
Let’s Get IEC 62443-4
Conformance Certification
SZ Lin (林上智) , Moxa Inc.
![Page 2: Let’s Get IEC 62443-4 Conformance Certification](https://reader030.vdocument.in/reader030/viewer/2022012520/61951349f66cc6289b1a1166/html5/thumbnails/2.jpg)
2
What is IEC 62443-4
![Page 3: Let’s Get IEC 62443-4 Conformance Certification](https://reader030.vdocument.in/reader030/viewer/2022012520/61951349f66cc6289b1a1166/html5/thumbnails/3.jpg)
What is IEC 62443-4?
• It was created by the International Society for Automation (ISA) and publicly released as American National Standards Institute (ANSI)documents.
• It describes the specific product development and technical requirements of control system products
• ISA-62443-4-1
• It contains the requirements for the development of secure IACS products and solutions.
• ISA-62443-4-2
• It contains detailed technical requirements for IACS components level
3
![Page 4: Let’s Get IEC 62443-4 Conformance Certification](https://reader030.vdocument.in/reader030/viewer/2022012520/61951349f66cc6289b1a1166/html5/thumbnails/4.jpg)
4
What is IEC 62443-4 Conformance Certification?
![Page 6: Let’s Get IEC 62443-4 Conformance Certification](https://reader030.vdocument.in/reader030/viewer/2022012520/61951349f66cc6289b1a1166/html5/thumbnails/6.jpg)
ISA Security Compliance Institute - Mission
6
src: http://isasecure.org
• ISASecure provides the highest level of assurance possible for the cyber security of industrial automation control systems
![Page 7: Let’s Get IEC 62443-4 Conformance Certification](https://reader030.vdocument.in/reader030/viewer/2022012520/61951349f66cc6289b1a1166/html5/thumbnails/7.jpg)
7
The different betweenIEC 62443-4 and
Conformance Certification
![Page 8: Let’s Get IEC 62443-4 Conformance Certification](https://reader030.vdocument.in/reader030/viewer/2022012520/61951349f66cc6289b1a1166/html5/thumbnails/8.jpg)
8
IEC 62443-4 IEC 62443-4 Conformance Certification
Organization
Output Define IEC-62443-4 specification Define ISASecure® Certifications(Conformance Certification), based on IEC-62443-4 specification
Certificate Program For human For product
Note: The spec. of conformance certification is quite different from IEC-62443-4 specification. For example, there are“four” security levels defined in IEC-62443-4 specification; however, the conformance certification offers “three“
certification levels.
src: http://isasecure.orgsrc: https://www.isa.org
![Page 9: Let’s Get IEC 62443-4 Conformance Certification](https://reader030.vdocument.in/reader030/viewer/2022012520/61951349f66cc6289b1a1166/html5/thumbnails/9.jpg)
9
IEC 62443-4 Conformance Certification
![Page 10: Let’s Get IEC 62443-4 Conformance Certification](https://reader030.vdocument.in/reader030/viewer/2022012520/61951349f66cc6289b1a1166/html5/thumbnails/10.jpg)
IEC 62443 - Certification
10
• IEC 62443 - EDSA Certification
• Embedded Device Security Assurance (EDSA)
• IEC 62443 - SSA Certification
• System Security Assurance (SSA)
• IEC 62443 - SDLA Certification
• Security Development Lifecycle Assurance (SDLA)
![Page 11: Let’s Get IEC 62443-4 Conformance Certification](https://reader030.vdocument.in/reader030/viewer/2022012520/61951349f66cc6289b1a1166/html5/thumbnails/11.jpg)
IEC 62443 - EDSA Certification
• Functional Security Assessment (FSA)
• Security Development Artifacts for Embedded Devices (SDLPA)
• Requirements for Embedded Device Robustness Testing (CRT)
• Vulnerability Identification Test (VIT) Policy Specification
• Security Development Lifecycle Assessment (SDA)
11
![Page 12: Let’s Get IEC 62443-4 Conformance Certification](https://reader030.vdocument.in/reader030/viewer/2022012520/61951349f66cc6289b1a1166/html5/thumbnails/12.jpg)
IEC 62443 - EDSA Documents
12
src: http://www.isasecure.org/en-US/Documents/Authentication-Required-Specifications/EDSA-2-1-0/EDSA-100-Certification-scheme(v3_3)
![Page 13: Let’s Get IEC 62443-4 Conformance Certification](https://reader030.vdocument.in/reader030/viewer/2022012520/61951349f66cc6289b1a1166/html5/thumbnails/13.jpg)
EDSA Conformance Scheme Fees
13
src: http://www.isasecure.org/en-US/Certification/IEC-62443-EDSA-Certification
![Page 14: Let’s Get IEC 62443-4 Conformance Certification](https://reader030.vdocument.in/reader030/viewer/2022012520/61951349f66cc6289b1a1166/html5/thumbnails/14.jpg)
14
ISASecure Certified Devices
![Page 15: Let’s Get IEC 62443-4 Conformance Certification](https://reader030.vdocument.in/reader030/viewer/2022012520/61951349f66cc6289b1a1166/html5/thumbnails/15.jpg)
ISASecure Certified Devices
15
src: http://isasecure.org/en-US/End-Users/ISASecure-Certified-Devices.aspx
![Page 16: Let’s Get IEC 62443-4 Conformance Certification](https://reader030.vdocument.in/reader030/viewer/2022012520/61951349f66cc6289b1a1166/html5/thumbnails/16.jpg)
16
Accredited ISASecure Certification Bodies
![Page 17: Let’s Get IEC 62443-4 Conformance Certification](https://reader030.vdocument.in/reader030/viewer/2022012520/61951349f66cc6289b1a1166/html5/thumbnails/17.jpg)
Accredited ISASecure Certification Bodies
17
src: http://isasecure.org/en-US/End-Users/ISASecure-Certified-Devices.aspx
Laboratory Location
• Japan
• USA• Germany• United Kingdom• Asia Pacific – Singapore
• Germany
![Page 18: Let’s Get IEC 62443-4 Conformance Certification](https://reader030.vdocument.in/reader030/viewer/2022012520/61951349f66cc6289b1a1166/html5/thumbnails/18.jpg)
Control System Security Center Certification Laboratory, Japan
18
src: http://www.cssc-cl.org/en/aboutus/index.html
![Page 19: Let’s Get IEC 62443-4 Conformance Certification](https://reader030.vdocument.in/reader030/viewer/2022012520/61951349f66cc6289b1a1166/html5/thumbnails/19.jpg)
19
src: http://www.cssc-cl.org/en/about_edsa/procedures.html
![Page 20: Let’s Get IEC 62443-4 Conformance Certification](https://reader030.vdocument.in/reader030/viewer/2022012520/61951349f66cc6289b1a1166/html5/thumbnails/20.jpg)
Thank you!
20
![Page 21: Let’s Get IEC 62443-4 Conformance Certification](https://reader030.vdocument.in/reader030/viewer/2022012520/61951349f66cc6289b1a1166/html5/thumbnails/21.jpg)
References
[1] https://en.wikipedia.org/wiki/Cyber_security_standards#ISA/IEC-62443_(formerly_ISA-99)
[2] https://www.isa.org/isa99/
[3] http://isasecure.org
[4] http://www.isasecure.org/en-US/Certification/IEC-62443-EDSA-Certification
21