We provide consulting for the implementation of a Security Development Lifecycle (SDL) to design and manufacture industrial devices and systems in conformity with Industrial Cyber Security standards and to verify the product’s technical conformity with standard requirements in order to prepare for IEC 62443 certification.
Support in complying with the IEC 62443 standard
H-ON Consulting offers a unique consulting approach based on extensive knowledge of product standards and the necessary operations, features that demonstrate service excellence in the sector.
The goal of our IEC 62443 consulting service is to support manufacturers in designing OT systems and components in conformity with Industrial Cyber Security standards, as defined by international reference legislation. We provide support in applying the conformity requirements for new products, including control systems and hardware or software components intended to be integrated into large industrial systems.
We specialize in implementing Security Development Lifecycles (SDL) for hardware or software OT systems, including:
- Combined HMI/PLC systems
- SCADA systems
- Packaged Control Systems (PCS)
- Distributed Control Systems (DCS)
- Safety Instrumented Systems (SIS)
- Control System Platforms
- Other types of devices and tools
The service is provided by our in-house pool of IEC 62443 99-certified specialists and is developed through a series of actions intended to ensure product conformity with Industrial Cyber Security standards:
- Defining objectives
- On-the-job training for the roles involved in product development
- High-level assessment of the processes and product features
- Low-level assessment of the product lifecycle
- Developing OT Cyber Security procedures
- Issuing final conformity documents
The consulting process is also in preparation for IEC 62443 certification, which attests industrial component or system conformity with legislative requirements.
In IEC 62443/ISA 99 terms, an OT system is defined as a “control system,” that is, a hardware or software component intended to be integrated into a final industrial automation and control system. PLCs, HMIs, SCADA systems, and safety instrumented systems are examples of OT systems.
The legislative references in the IEC 62443 standard directed at OT device manufacturers are found in IEC 62443-4-1 and IEC 62443-4-2 regarding the design requirements in conformity with legislation for systems, sub-systems, or hardware or software components.
As defined in IEC 62443-4-1, the manufacturer is required to implement certain cyber security practices when developing the product:
- Specification of Security Guidelines
- Security by design
- Secure Implementation
- Security V&V Testing
- Security Guidelines
Why Choose us
- Experience in the OT Cyber Security field since 2014
- In-house OT Cyber Security laboratory
- In-house IEC 62443/ISA 99-certified personnel (Fundamentals Specialist and Cyber Security Risk Assessment Specialist)
- Pool of automation and OT network specialists
- Wide network of collaborations with the main international OT solution suppliers
What some of our customers say about us
"The collaboration was a very successful experience for both companies."
"We highly recommend H-ON Consulting service for their expert industrial knowledge concerning machines, process, digital data."
"The biggest benefit our company received working with H-ON Consulting was a combination of on-going flexibility and most of all speed of delivery."
Sirio Sistemi Elettronici