IEC 62443 Industrial Security

SecureSafety - Integrated cybersecurity for safe industrial plants

What kind of challenges are posed by the increasing digitisation of production processes?

Every year, cyberattacks cause substantial loss and cost, presenting a growing challenge which also extends into the industry sector. So far, this trend has affected businesses in fields including 

  • Energy production and distribution
  • Extraction and refining of raw materials
  • Chemical and pharmaceutical industries
  • Plant and mechanical engineering
  • Automotive engineering
  • Electrical and precision engineering

When it comes to threats such as industrial espionage, cyberextortion and data leaks, many companies focus on their conventional IT applications, yet underestimate the risks arising from increasingly smart and digitised production processes (known as Operational Technologies or OT).

The consequences here may be disruption to operations, faulty products and loss of reputation, and may even extend to breaches of business-related or statutory security objectives – either as targeted attacks or collateral damage.

These are the challenges faced not only by businesses and any regulators which may be involved, but also by OEMs in areas such as plant and mechanical engineering, system integrators and manufacturers of components. If they want to remain competitive in the medium and long term, they need to supply qualified and compliant products and services.

In this context, stakeholders ultimately need to overcome two more difficulties. The first is that conventional IT security methods and measures have only limited suitability for automated industrial control systems (ICS), and the second is the need for a holistic approach in order to verify that a cybersecurity solution and/or its concrete measures are effective and free from interference. An approach of this kind needs to consider operational issues and requirements as well as safety and security systems.

Play it safe: minimise the cyber-risks for your ICS from an early stage

Technology risks in industry can be both general and industry-specific. Businesses resort to preventive and mitigating measures in their endeavours to achieve individual and legal security objectives. These measures are typically aligned to the expected threats that need to be covered. In the past, cyber-risks played a very minor role.

Now, however, even the safety-related functions of ICS are increasingly digitised. This opens up new pathways of threats, vulnerabilities or damage mechanisms that have previously not been fully considered. Cyberattacks are evolving into a critical, threat, particularly to the cyber-physical systems (CPS) which are part of Industry 4.0. In the majority of cases, even the “air gap” in isolated systems fails to offer adequate security. Standards such as the IEC 62443 series give answers to the question of which security measures should be established to ensure industrial communication networks are adequately protected.

Our services at a glance

Providing bespoke engineering and test services, the experts from TÜV SÜD ensure the safety, security, profitability and sustainability of plants and installations, infrastructure and buildings. As always, we will continue to support you with third-party assessments in the future, delivering the reliable information you need for informed decision-making processes.

Where this involves consideration of the threats and risks to ICS, our SecureSafety product fills the bill. On request, SecureSafety combines our conventional safety services with the required additional expertise in OT security (e.g. based on the IEC 62443 series of standards).

By supplying SecureSafety, TÜV SÜD acts as a reliable partner of component manufacturers, system integrators, operators and authorities across the entire life cycle.

How can we help you? We will be happy to support you in the field of SecureSafety, supplying:

  • Risk, hazard and threat analyses
  • Vulnerability and gap analyses
  • Expert assessments
  • Expert opinions
  • Inspections
  • Ongoing controls

Just contact us! We will be happy to inform you about our SecureSafety services.

SecureSafety – Your benefits from TÜV SÜD

  • As always, our teams of experts support you with their customary technological, industry or plant-specific know-how, complemented by OT security aspects depending on your individual terms of reference.
  • In 2020, TÜV SÜD has established an accredited inspection body for industrial cybersecurity, focusing initially on IEC 62442.
  • Our experts keep a close eye on current trends and developments in the fields of OT security, ICS security, IACS security and IoT/IIoT security. We play an active role in shaping and driving cybersecurity and are represented in the organisations VdTÜV, DKE/VDE, TeleTrusT and Charter of Trust.

Next Steps

Site Selector