Certification of compliance with IEC 62443 standards is the pinnacle to aim for to prove the security of a system, machine or plant intended for large End Users.
Discover all the Certification options issued by the ISASecure® Accredited Body
Our internal BYHON division is accredited by ANSI and ISASecure® for the issuance of certification according to IEC 62443 schemes.
We implement the compliance verification schemes defined by ISASecure®, with license number ISCI-CL0005, including process verification, Security Development Lifecycle Assurance Certification (SDLA). The SDLA process scheme is distinctive of ISASecure® certification and preparatory to the assessment of technical compliance of the product – component or system – according to the models of Component Security Assurance Certification (CSA) and System Security Assurance Certification (SSA).
The certification options issued by BYHON and accredited by ISASecure®, for integrators and manufacturers of machines and systems, are:
- SDLA (Security Development Lifecycle Assurance) certification. Third-party verification with respect to ISASecure® requirements that the IEC 62443-4-1 standard, focused on the Security Plan, is implemented by the certification applicant
- SSA (System Security Assurance) certification. Third-party verification with respect to the ISASecure® requirements that the IEC 62443-3-3 standard is implemented in a standard product solution, of which the application of the SL-T (Zone & Conduit) diagram is verified. The service also includes verification of the conformity of the artifacts to the IEC 62443-4-1 lifecycle. The lifecycle must also be certified together with the application for SSA Certification.
The purpose of the ISASecure® certification service is to perform independent certification showing that a system meets the requirements of the IEC 62443 standard for a given level of security (SL-C). The certification scheme is applied in the most comprehensive manner and as the highest recognition of compliance, with a certificate issued by an ISASecure® accredited laboratory.
In addition, we provide other certification methods, inspired by the Industrial Cyber Security certification schemes according to IEC 62443:
- IEC 62443 Certification. Third-party verification of compliance with the requirements of IEC 62443-3-3 for a standard solution, of which the application of the safety level (SL-T) envisaged in the Zone & Conduit document is verified.
- Inspection and Declaration of Conformity. Third-party evaluation of an automation solution (a system, machine or plant) configured for a specific order in accordance with the requirements of IEC 62443, and considering the applicable SL-T requirements. The service includes the review of the project documentation and an inspection at the installation site to test the plant before delivery to the end user. The result is a test report with declaration of conformity issued by BYHON.
The purpose of the IEC 62443 certification service and inspection service is to perform an independent certification that validly and demonstrably evidences the compliance of a system or machine with the requirements of IEC 62443 for a given level of security (SL-C), again guaranteeing the parameters of security, integrity, availability and confidentiality.
In IEC 62443/ISA 99 terms, an OT system is defined as a “control system,” that is, a hardware or software component intended to be integrated into a final industrial automation and control system. PLCs, HMIs, SCADA systems, and safety instrumented systems are examples of OT systems.
The legislative references in the IEC 62443 standard directed at OT device manufacturers are found in IEC 62443-4-1 and IEC 62443-4-2 regarding the design requirements in conformity with legislation for systems, sub-systems, or hardware or software components.
As defined in IEC 62443-4-1, the manufacturer is required to implement certain cyber security practices when developing the product:
- Specification of Security Guidelines
- Security by design
- Secure Implementation
- Security V&V Testing
- Security Guidelines
The IEC 62443 Standard, the international reference for Industrial Cyber Security
Considering the impact of Industry 4.0 on Industrial Cyber Security, the only way to apply […]Read more
What is ISASecure® Certification
ISASecure® is a third-party conformity assessment scheme based on the ISA/IEC 62443 series of standards […]Read more
ISASecure® Certification benefits
The certification issued by an ISASecure® Accredited Certification Body is the highest global recognition for […]Read more
Follow us on
Why Choose us
- Experience in the OT Cyber Security field since 2014
- In-house OT Cyber Security laboratory
- In-house IEC 62443/ISA 99-certified personnel (Fundamentals Specialist and Cyber Security Risk Assessment Specialist)
- Automation and OT network specialists
- Wide network of collaborations with the main international OT solution suppliers
What some of our customers say about us
"Their flexible and innovative approach to Cyber Security Risk Assessment had been the key for the success of our conformity project according to IEC 62443 standards."
"We recommend H-ON Consulting because they are a firm that shares inspiring values, such as continuous professional growth and innovation seeking."
"The collaboration was a very successful experience for both companies."
"The biggest benefit our company received working with H-ON Consulting was a combination of on-going flexibility and most of all speed of delivery."
Sirio Sistemi Elettronici
"We highly recommend H-ON Consulting service for their expert industrial knowledge concerning machines, process, digital data."