The brand new ICSA Certification by ISASecure® for IIoT devices

Reading time: 3 minutes - Difficulty: advanced

The ISASecure® program is announcing the new ISASecure® certification offering for industrial internet of things (IIoT) components based on the ISA/IEC 62443 series of standards.


What is the ICSA Certificate

The IIoT Component Security Assurance (ICSA) certification was inspired by recommendations published in the joint ISA Global Security Alliance (ISAGCA) and ISA Security Compliance Institute (ISCI) study.

The ISASecure IIoT Component Security Assurance (ICSA) is a security certification program for IIoT devices and IIoT gateways. ICSA certification applies to IACS (Industrial Automation Control System) components that:

  • meet the definition in the standard IEC 62443-4-2 Security for industrial automation and control systems Part 4-2: Technical security requirements for IACS components, for at least one of embedded device, host device, or network device
  • meet one or both of the following definitions for IIoT device and IIoT gateway


More specifically:

  • An IIoT deviceis an entity that is a sensor or actuator for a physical process, or communicates with sensors or actuators for a physical process, that directly connects to an untrusted network to support and/or use data collection and analytic functions accessible via that network.
  • An IIoT gatewayis an entity of an IioT system that connects one or more proximity networks and the IioT devices on those networks to each other and directly connects to one or more untrusted access networks


All the other types of certificate

The ICSA certificate enriches the range of certificates issued by the accredited ISASecure® certification bodies.

In addition to ICSA, the other types of certificates are:

  • Security Development Lifecycle Assurance (SDLA) according to IEC 62443-4-1
  • System Security Assurance (SSA) according to IEC 62443-3-3
  • Component Security Assurance (CSA) according to IEC 62443-4-2
  • Automation and Control Systems Security Assurance (ACSSA) according to ISA/IEC 62443


Who issues the certification

While ISCI develops and maintains the Certification Scheme, it does not perform the certification itself.

This is done by an ISASecure® Certification Body, which is an organization that specializes in third-party conformity assessments. Certification bodies are accredited by an accreditation body based on the ISO/IEC 17065 standard, which addresses topics such as confidentiality and impartiality in the certification process.

ISASecure® Certificate issued by a Certification Body is globally recognized and demonstrates that the applicable ISA/IEC 62443 requirements have been met.


In the world, there are only a few ISASecure® accredited Certification Bodies, including our BYHON division.


Do you need further information about the ISASecure® certification opportunities?


Contact us

Do you want to contribute to our page? Follow us on Linkedin


Go back to the blog
Send this to a friend