Skip to content
NEW: ISASecure Site Assessment Program for OT Cybersecurity Learn More

Codenomicon joins the ISA Security Compliance Institute

Research Triangle Park, North Carolina, USA (6 February 2014) – The ISA Security Compliance Institute (ISCI) announced today that Codenomicon, a Finland-based cybersecurity company, has joined ISCI as a technical member. 
Codenomicon brings to ISCI a wealth of experience in detecting software vulnerabilities. Much of today’s protocol testing foundations are based upon work done in the late 1990s by researchers at VTT and the University of Oulu in Finland. Founders at Codenomicon, Ari Takanen, Rauli Kaksonen and Mikko Varpiola, were all participants in ground-breaking and foundational research in software vulnerability testing.
“Codenomicon is passionate about securing critical infrastructure and our values align with ISCI’s mission,” stated Mike Ahmadi, Codenomicon’s Global Director of Energy and ICS Security. “We are enthusiastic about participating in ISCI’s programs and initiatives and proud to have our cybersecurity test platform included in ISASecure ™ programs.”
Codenomicon specializes in identifying unknown software bugs. Its products, the Unknown Vulnerability Management (UVM) tools, offer software developers a simple process to ensure security and robustness in their products. 
“Codenomicon’s staff includes some of the most knowledgeable cybersecurity experts in the industry,” said Andre Ristaino, Managing Director of the ISA Security Compliance Institute. “We are grateful for their contributions.”

About ISASecure™ EDSA Certification
The ISASecure™ program has been developed by the ISA Security Compliance Institute (ISCI) with a goal to accelerate industry-wide improvement of cybersecurity for Industrial Automation and Control Systems (IACS). It achieves this goal by offering a common industry-recognized set of device and process requirements that drive device security, simplifying procurement for asset owners and device assurance for equipment vendors.
ISASecure Embedded Device Security Assurance Certification (ISASecure EDSA), the first ISASecure certification, focuses on security of embedded devices and addresses device characteristics and supplier development practices for those devices. Through this certification, an embedded device that meets the requirements of the ISASecure specifications receives the ISASecure EDSA certification—a trademarked designation that provides instant recognition of product security characteristics and capabilities. ISASecure EDSA offers three certification levels for a device based on increasing levels of device security assurance: ISASecure Level 1 for Devices, ISASecure Level 2 for Devices, and ISASecure Level 3 for Devices.
The ISASecure EDSA certification is an ISO/IEC Guide 65 conformance scheme supporting ISCI’s goal to operate a globally recognized industrial automation controls cyber security certification program. This third-party accreditation by ANSI/ACLASS enhances the credibility and value of the ISASecure certification by attesting to the competence and qualification of ISCI certification bodies and laboratories. Visit for details on the ISASecure ANSI/ACLASS accreditation process.
About the ISA Security Compliance Institute
Founded in 2007, the ISA Security Compliance Institute’s mission is to provide the highest level of assurance possible for the cyber security of industrial automation control systems.
The Institute was established by thought leaders from major organizations in the industrial automation controls community seeking to improve the cyber security posture of Critical Infrastructure for generations to come. Founding Members include Chevron, ExxonMobil Research and Engineering, Honeywell, Invensys, Siemens, and Yokogawa. Key Technical Members include exida, IPA-Japan, CSSC, Codenomicon and RTP Corp.
The Institute’s goals are realized through industry standards compliance programs, education, technical support, and improvements in suppliers’ development processes and users’ life cycle management practices. The Institute’s ISASecure™ designation ensures that industrial automation control products conform to industry consensus cyber security standards, providing confidence to users of ISASecure products and systems and creating product differentiation for suppliers conforming to the ISASecure
ISASecure EDSA Certification is a trademark of the ISA Security Compliance Institute.
ISCI press contact:

Andre Ristaino