Security Development Lifecycle Assurance (SDLA) Certification
The SDLA certifies compliance to the ISA/IEC 62443-4-1 standard.
SDLA Certification Versions
Ordered most recent first.
SDLA 3.0.0
SDLA 2.0.0
SDLA 2010.1
SDLA Certification (SDLA) - 3.0.0
Effective 16 June 2020
*See ISASecure-118 for version transition details*
Scope
ISASecure SDLA is a certification program that applies to the development lifecycle processes of suppliers for control system products. The ISASecure SDLA certification program certifies compliance to IEC 62443-4-1 Security for industrial automation and control systems Part 4-1: Secure product development lifecycle requirements (also published as ANSI/ISA-62443-4-1).
An SDLA certification is granted for:
- a named development organization or organizations
- a specific version of a named, documented development lifecycle process under version control that is used by that organization(s).
The documented process itself shall specify:
- whether it applies to development of components, systems or both; and
- the scope of products to which the organization applies the process (which may be all products).
In order to carry out an ISASecure SDLA certification, a certifier:
1. evaluates the specific documented version of the organization’s process to assess whether it meets the requirements stated in the SDLA specification; and
2. reviews representative artifacts to verify that each ISASecure SDLA requirement is being followed for products under the scope of the process.
The supplier provides a list of products for which such artifacts are available, for the various requirements. The certifier may select from among these to review.
If some aspects of the process are fully in place but have not yet been executed, the certifier can grant certification for a limited time period based upon a review of the development organization’s readiness to execute them, as described in the specification SDLA-300.
Certified Development Lifecycle Processes
A supplier whose development lifecycle process has been evaluated under the ISASecure SDLA certification program and shown to meet these technical criteria may display the ISASecure symbol and a certificate granting certification, in accordance with program procedures. A certification references a 3-digit certification version that identifies the set of ISASecure specifications used for the certification. For example, the ABC Company development process might be certified to ISASecure SDLA 3.0.0.
The program defines an expiration period for ISASecure SDLA certification, as well as actions required to maintain the certification beyond this period, i.e. extend the expiration date.
Subject to permission of each organization, ISCI will post on its web site, http://www.ISASecure.org, the names of organizations that hold an SDLA certification for their development lifecycle process.
Relationship to the ISASecure® Product Certification Programs
In order to obtain a certification for a product, a supplier shall hold an ISASecure SDLA certification of a security development lifecycle process that applies to development of product updates going forward. This is described in the specifications CSA-300 and SSA-300, which describe certification criteria for the ISASecure product certification programs Component Security Assurance and System Security Assurance, respectively.
The supplier may at their option apply concurrently for both ISASecure SDLA process certification and ISASecure certification for a specific product, in which case product security artifacts may serve as evidence toward both certifications.
Organizational Roles
The following organizations participate in the ISASecure cybersecurity certification program, an ISO/IEC 17065 conformity assessment scheme.
- Asset owners define procurement criteria and acceptable risk tolerance for control system solutions, and approve the system integrator’s defense in depth model (technical and organizational capabilities) and rationale, which may rely upon certified components and systems. Certified components and systems in turn are developed and maintained under an SDLA-certified process. An entity may assume the role of an asset owner and a service provider (for integration and/or maintenance).
- Integration service providers may use component and system certification information as a method for identifying components and systems to be procured as part of an IACS solution. SDLA certification is among the prerequisites to component and system certification; application of IEC 62443-4-1 practices as verified by SDLA certification is intended to provide confidence that the component or system has security commensurate with its expected level of risk throughout the product’s life-cycle.
- Maintenance service providers may use product certification information, which implies an underlying SDLA certification, to evaluate how a product developer’s security development lifecycle process, and the user documentation required by that process, will support their site hardening, event management, and decommissioning processes.
- Product suppliers apply for certification of their development lifecycle processes
- Chartered SDLA laboratories accept applications from suppliers for process certification, evaluate processes, and are authorized to grant SDLA certifications (conformity assessment body)
- ISCI (ISA Security Compliance Institute) defines, maintains and manages the overall ISASecure SDLA certification program, interprets the ISASecure specifications and maintains a web site for publishing program documentation, as well as a list of chartered SDLA laboratories, ISASecure certified supplier development lifecycle processes and ISASecure certified products
- ASCI (Automation Standards Compliance Institute), as the legal entity representing ISCI, grants chartered SDLA laboratory status to applicant organizations based on successful accreditation to criteria defined by ISCI
- SDLA accreditation bodies (AB) evaluate certification body (CB) candidates for chartered SDLA laboratory status to determine if they meet program accreditation criteria
ISCI is organized as an interest area within ASCI, a not-for-profit 501 (c) (6) corporation owned by ISA (International Society of Automation). Descriptions of the governance and organizational structure for ASCI are found on the ISASecure website: http://www.ISASecure.org.
An SDLA accreditation body will be an organization recognized by IAF/ILAC.
ISASecure CBs conduct assessments in accordance with ISO/IEC 17065 and maintain confidentiality of suppliers’ assessment information at all times. No proprietary company information is ever publicly disclosed. As the owner of the ISASecure conformance scheme, ISCI may have its staff examine random work products related to a supplier evaluation at infrequent intervals to ensure the quality of the ISASecure SDLA program or to process a complaint to ISCI lodged by a supplier.
Certification Program Documentation
Figure 1 - ISASecure SDLA Documents
ISASecure® SDLA Conformance Scheme Fees
Prior to January 1st, 2020 | |
SDLA Certification Registration Fee - Member (billed when passed) | $5,000 |
SDLA Certification Registration Maintenance Fee - Member | $3,000 |
SDLA Certification Registration Fee - non-Member (billed when passed) | $7,500 |
SDLA Certification Registration Maintenance Fee - non-Member | $5,000 |
After January 1st, 2020 | |
SDLA Certification Registration Fee (Annual Fee) | $1,500 |
Security Development Lifecycle Assurance Certification Specification
- SDLA-100 ISASecure Certification Scheme
- SDLA-102 Errata
Lab Accreditation Requirements
- ISASecure-118 Transition to SDLA 3.0.0
Certification Specifications
- SDLA-204 Instructions and Policies for Using the ISASecure Symbol and Certification
- SDLA-205 Certificate Document Format
Technical Specifications
- SDLA-300 ISASecure Certification Requirements
- SDLA-312 Security Development Lifecycle Assessment
SDLA Certification (SDLA) - 2.0.0
Effective 13 February 2018
*See ISASecure-115 for version transition details*
Scope
ISASecure SDLA is a certification program that applies to the development lifecycle processes of suppliers for control system products. The ISASecure SDLA certification program certifies compliance to IEC 62443-4-1 Security for industrial automation and control systems Part 4-1: Secure product lifecycle requirements (also published as ANSI/ISA-62443-4-1).
An SDLA certification is granted for:
- a named development organization or organizations
- a specific version of a named, documented development lifecycle process under version control that is used by that organization(s).
The documented process itself shall specify:
- whether it applies to development of components, systems or both; and
- the scope of products to which the organization applies the process (which may be all products).
In order to carry out an ISASecure SDLA certification, a certifier:
1. evaluates the specific documented version of the organization’s process to assess whether it meets the requirements stated in the SDLA specification; and
2. reviews representative artifacts to verify that each ISASecure SDLA requirement is being followed for products under the scope of the process.
The supplier provides a list of products for which such artifacts are available, for the various requirements. The certifier may select from among these to review.
Certified Development Lifecycle Processes
A supplier whose development lifecycle process has been evaluated under the ISASecure SDLA certification program and shown to meet these technical criteria may display the ISASecure symbol and a certificate granting certification, in accordance with program procedures. A certification references a 3-digit certification version that identifies the set of ISASecure specifications used for the certification. For example, the ABC Company development process might be certified to ISASecure SDLA 2.6.1.
The program defines an expiration period for ISASecure SDLA certification, as well as actions required to maintain the certification beyond this period, i.e. extend the expiration date. The program also offers formal recognition for organizations that have made significant progress toward certification.
Subject to permission of each organization, ISCI will post on its web site, http://www.ISASecure.org, the names of organizations that hold an SDLA certification for their development lifecycle process, as well as those organizations progressing toward this certification that have achieved specified milestones toward compliance.
Relationship to the ISASecure® Product Certification Programs
In order to obtain a certification for a product, a supplier shall hold an ISASecure SDLA certification of a security development lifecycle process that applies to development of product updates going forward, as described in ISASecure-115.
The supplier may at their option apply concurrently for both ISASecure SDLA process certification and ISASecure certification for a specific product, in which case product security artifacts may serve as evidence toward both certifications.
Organizational Roles
The following organizations participate in the ISASecure cybersecurity certification program, an ISO/IEC 17065 conformity assessment scheme.
- End users define procurement criteria for control system products, and may require an ISASecure certification for a product or supplier development lifecycle process, at a particular certification level
- Suppliers apply for certification of their development lifecycle processes
- Chartered SDLA laboratories accept applications from suppliers for process certification, evaluate processes, and are authorized to grant SDLA certifications and formal pre-certification recognition to supplier development organizations (conformity assessment body)
- ISCI (ISA Security Compliance Institute) defines, maintains and manages the overall ISASecure SDLA certification program, interprets the ISASecure specifications and maintains a web site for publishing program documentation, as well as a list of chartered SDLA laboratories, ISASecure certified supplier development lifecycle processes and ISASecure certified products
- ASCI (Automation Standards Compliance Institute), as the legal entity representing ISCI, grants chartered SDLA laboratory status to applicant organizations based on successful accreditation to criteria defined by ISCI
- SDLA accreditation bodies (AB) evaluate certification body (CB) candidates for chartered SDLA laboratory status to determine if they meet program accreditation criteria
ISCI is organized as an interest area within ASCI, a not-for-profit 501 (c) (6) corporation owned by ISA (International Society of Automation). Descriptions of the governance and organizational structure for ASCI are found on the ISASecure website: http://www.ISASecure.org.
An SDLA accreditation body will be an organization recognized by IAF/ILAC.
ISASecure CBs conduct assessments in accordance with ISO/IEC 17065 and maintain confidentiality of suppliers’ assessment information at all times. No proprietary company information is ever publicly disclosed. As the owner of the ISASecure conformance scheme, ISCI may have its staff examine random work products related to a supplier evaluation at infrequent intervals to ensure the quality of the ISASecure SDLA program or to process a complaint to ISCI lodged by a supplier.
Certification Program Documentation
Figure 1 - ISASecure SDLA Documents
Security Development Lifecycle Assurance (SDLA)
(Valid until 2/13/2019)
Scope
ISASecure SDLA is a certification program which assesses a supplier’s product development lifecycle processes for industrial automation control systems. An SDLA certification is granted for:
- a named development organization or organizations
- a specific version of a named, documented development lifecycle process under version control that is used by that organization(s)
- a certification level of 1, 2, 3, or 4 designed to match SAL in IEC 62443.
The four certification levels for a process offer increasing levels of development lifecycle security assurance. These certifications are called ISASecure SDLA Level 1, ISASecure SDLA Level 2, ISASecure SDLA Level 3, and ISASecure SDLA Level 4.
The documented process itself shall specify:
- whether it applies to development of components, systems or both; and
- the scope of products to which the organization applies the process (which may be all products).
In order to carry out an ISASecure SDLA certification to a particular certification level, the certification body conducting the supplier’s SDL process assessment will:
1. evaluate the specific documented version of the organization’s process to assess whether it meets the requirements stated in the SDLA specification; and
2. review representative artifacts to verify that each ISASecure SDLA requirement is being followed for products under the scope of the process.
The supplier provides a list of products for which such artifacts are available to be reviewed against the SDLA certification requirements. The certifier may, at their discretion, select artifacts from among these to review.
Certified Development Lifecycle Processes
A supplier whose development lifecycle process has been evaluated under the ISASecure SDLA certification program and shown to meet these technical criteria may display the ISASecure symbol and a certificate granting certification, in accordance with program procedures. A certification references a 3-digit certification version that identifies the set of ISASecure specifications used for the certification. For example, the ABC Company development process might be certified to ISASecure SDLA 2.6.1, Level 2.
The program defines an expiration period for ISASecure SDLA certification, as well as actions required to maintain the certification beyond this period, i.e. extend the expiration date. The program also defines procedures for certified organizations to obtain certification to higher certification levels. In addition, the program offers formal recognition for organizations that have made significant progress toward certification.
Subject to permission of each organization, ISCI will post on its web site, http://www.ISASecure.org, the names of organizations that hold an SDLA certification for their development lifecycle process, as well as those organizations progressing toward this certification that have achieved a specified level of compliance.
Relationship to the ISASecure® Product Certification Programs
A supplier that holds an ISASecure SDLA process certification at an appropriate certification level thereby meets the SDLA evaluation element required to achieve ISASecure certification for their products. A supplier that applies for a product certification without holding an SDLA process certification at the appropriate level will undergo an SDLA evaluation at this level as a part of the ISASecure product evaluation itself. Thus the SDLA certification program provides a method for a supplier to undergo an SDLA evaluation once, such that it can apply toward all product certifications.
The supplier may at their option apply concurrently for both ISASecure SDLA process certification and ISASecure certification for a specific product, in which case product security artifacts may serve as evidence toward both certifications.
These topics are covered in greater detail in the documentation for ISASecure product certification programs.
Relationship to IEC 62443
ISASecure certification programs are designed to certify compliance to the IEC 62443 series of IACS cybersecurity standards. In the event that an IEC 62443 standard is in draft form, ISCI will establish certification requirements to the standard’s framework.
Regardless, ISCI’s commitment is to maintain alignment of ISASecure SDLA process certification requirements and certification levels with the requirements and level concepts in IEC 62443-4-1 “Security for industrial automation and control systems – Product development requirements.” This standard is under development.
The approved standard IEC 62443-1-1 establishes terminology and concepts that apply for the overall series of standards.
Organizational Roles
The following organizations participate in the ISASecure cybersecurity certification program, an ISO/IEC 17065 conformity assessment scheme.
- End users define procurement criteria for control system products, and may require an ISASecure certification for a product or supplier development lifecycle process, at a particular certification level
- Suppliers apply for certification of their development lifecycle processes
- Chartered SDLA laboratories accept applications from suppliers for process certification, evaluate processes, and are authorized to grant SDLA certifications and formal pre-certification recognition to supplier development organizations (conformity assessment body)
- ISCI (ISA Security Compliance Institute) defines, maintains and manages the overall ISASecure SDLA certification program, interprets the ISASecure specifications and maintains a web site for publishing program documentation, as well as a list of chartered SDLA laboratories, ISASecure certified supplier development lifecycle processes and ISASecure certified products
- ASCI (Automation Standards Compliance Institute), as the legal entity representing ISCI, grants chartered SDLA laboratory status to applicant organizations based on successful accreditation to criteria defined by ISCI
- SDLA accreditation bodies (AB) evaluate certification body (CB) candidates for chartered SDLA laboratory status to determine if they meet program accreditation criteria
ISCI is organized as an interest area within ASCI, a not-for-profit 501 (c) (6) corporation owned by ISA (International Society of Automation). Descriptions of the governance and organizational structure for ASCI are found on the ISASecure website: http://www.ISASecure.org.
An SDLA accreditation body will be an organization recognized by IAF/ILAC.
ISASecure CBs conduct assessments in accordance with ISO/IEC 17065 and maintain confidentiality of suppliers’ assessment information at all times. No proprietary company information is ever publicly disclosed. As the owner of the ISASecure conformance scheme, ISCI may have its staff examine random work products related to a supplier evaluation at infrequent intervals to ensure the quality of the ISASecure SDLA program or to process a complaint to ISCI lodged by a supplier.
Certification Program Documentation
Figure 1 - ISASecure SDLA Documents