Schneider Electric Achieves ISASecure Security Development Lifecycle Assurance Certification
Release date: 10/21/2015
Three product development sites are world’s first to reach important industry benchmark
Research Triangle Parkn, NC – October 21, 2015 – Schneider Electric, the global specialist in energy management and automation, has just received an ISASecure Security Development Lifecycle Assurance (SDLA) conformance certificate from exida, LLC, an ISASecure ISO 17065 accredited certification body.
This first-of-its-kind certificate applies to Schneider Electric’s Process Automation business product development centers in Foxboro, Mass., Worthing, U.K., and Hyderabad, India. It is based on international cybersecurity standards and was developed to accelerate industry-wide cybersecurity improvement for industrial automation and control systems (IACS).
“The ISASecure SDLA certification demonstrates Schneider Electric’s long-standing commitment to secure industrial automation and control systems, and it sets a major benchmark for the industry as a whole,” said Andre Ristaino, managing director of the International Society of Automation Security Compliance Institute, an operational group within the ISA.
“We are proud to lead the way. Being the world’s first IACS provider to achieve this important benchmark is a testament to our commitment to delivering control and safety solutions that minimize system vulnerabilities and are resilient to cybersecurity threats,” said Raja Macha, vice president, research and development for Schneider Electric’s Process Automation business. “Addressing cybersecurity threats is a collaborative effort, however, so Schneider Electric continues to join forces with accredited certification and assessment bodies – like ISASecure and exida – to meet continuous cybersecurity demands.”
Cybersecurity is fundamental to Schneider Electric’s principles of helping its customers achieve more with fewer resources in a more connected world.
“The three certified Schneider Electric sites show they use a product development lifecycle in which cybersecurity considerations in all phases are part of their culture, demonstrating an institutionalized commitment to securing industrial automation and control systems,” said Chris O’Brien, principle partner at exida, an ISO 17065 certification body that is accredited by ANSI/ANAB to offer security certification of automation products per the ISASecure IACS Cybersecurity Assurance program.
The Schneider Electric ISASecure SDLA certificate may be viewed on the ISA Security Compliance Institute website at www.isasecure.org.
About Schneider Electric
Schneider Electric is the global specialist in energy management and automation. With revenues of €25 billion in FY2014, our 170,000 employees serve customers in more than 100 countries, helping them manage their energy and process in ways that are safe, reliable, efficient and sustainable. From the simplest of switches to complex operational systems, our technology, software and services improve the way our customers manage and automate their operations. Our connected technologies will reshape industries, transform cities and enrich lives. At Schneider Electric, we call this Life Is On.
exida is a world leading engineering services & certification body focused on helping automation suppliers and users improve the safety, security and reliability of their industrial automation systems. Established by several of the world’s top safety, security, and reliability experts, the company is owned by these partners and independent of any vendor ownership. exida’s main offices are located in Sellersville, PA, USA and Munich, Germany with service centers worldwide.
About the ISA Security Compliance Institute (ISCI)
Founded in 2007, the ISA Security Compliance Institute’s mission is to provide the highest level of assurance possible for the cyber security of industrial automation control systems (IACS).
The Institute was established by thought leaders from major organizations in the industrial automation controls community seeking to improve the cyber security posture of critical Infrastructure for generations to come. ISCI Members include Chevron, ExxonMobil, Aramco Services, Honeywell, Schneider Electric, Yokogawa, exida, Codenomicon, CSSC, and IPA-Japan.
The Institute’s goals are realized through industry standards compliance programs, education, technical support, and improvements in suppliers’ development processes and users’ life cycle management practices. The ISASecure® designation ensures that IACS products conform to industry consensus cyber security standards such as IEC 62443, providing confidence to users of ISASecure products and systems and creating product differentiation for suppliers conforming to the ISASecure specification.