Thursday, June 10, 2010

Security test requirements

ISA Security Compliance Institute Publishes Test Lab and Test Tool Requirements


The ISASecure certification was developed based on the ISA99 Industrial Automation and Control Systems Security standards and other relevant standards such as IEC. Visit the ISA99 Committee website for details on the approved standard, the ISA99 roadmap, and relevant presentations.
The ISA Security Compliance Institute (ISCI) has posted the recently approved ISASecure™ EDSA-200 Chartered Laboratory Operations and Accreditation specification and EDSA-201 Recognition Process for Communication Robustness Testing (CRT) Tools specification on line.

The Lab Accreditation and Test Tool Recognition Requirements form a key element of the overall ISASecure Embedded Device Security Assurance (EDSA) certification program. These documents provide detailed information to organizations that want to submit test tools for inclusion in the ISASecure EDSA certification program and/or become an ISASecure Chartered Lab. As an operational strategy, ISCI does not plan to build test laboratories or test tools. Instead, ISCI has established and will maintain the requirements and specifications for the ISASecure program.

ISCI also posted the EDSA-100 Certification Scheme document to the www.isasecure.org website. This top-level document summarizes the overall ISASecure EDSA Certification program and provides the context for the test tool recognition and chartered laboratory requirements documents. Requirements for achieving the ISASecure EDSA certification for an embedded device are described in EDSA-300 ISASecure Certification Requirements, also posted on the www.isasecure.org website.

Thecertification program specifications can be downloaded from the “Certification Program” page of the website or accessed via the “View ISASecure Specifications” link in the blue block on the home page.

ISCI constructed the ISASecure EDSA certification as an ISO/IEC Guide 65 conformance scheme to facilitate global adoption of and participation in the ISASecure EDSA certification program. "We are striving to establish a globally recognized Industrial Automation Control Systems security certification, intended to grow and improve within a structured paradigm. The ISO/IEC Guide 65 conformance scheme provides structured, deliberate processes for launching the ISASecure program and for expanding the scope of the ISASecure certifications,” explained Andre Ristaino, ASCI managing director.

No comments:

Post a Comment