Choose another country to see content specific to your location

//Select Country

IEC 62443 Industrial Security Certification

Assessment and Certification

About Industrial Security

The increasing prevalence of cyber-physical systems has a significant impact on industries worldwide. Across a variety of businesses, from manufacturing and processing plants, to energy suppliers and rail, cyber-physical systems are implemented to enable higher efficiencies, unmatched flexibility and innovative business models. But the new connectivity also translates into a shift in the risk landscape, as cyber-attacks are increasing. Against this backdrop, suppliers and system integrators must optimize the cyber resilience of their components and systems by improving their development, integration and support processes.

About the IEC 62443 Standard

Aiming to mitigate risk for industrial communication networks, the international standard IEC 62443 provides a structured approach to cybersecurity. IEC 62443 was originally developed for the Industrial Automation and Control Systems supply chain, but it has become the leading industrial cybersecurity standard for all types of plants, facilities and systems across many industries. IEC 62443 applies to component suppliers, system integrators and asset owners.

Through a set of defined process requirements, IEC 62443 ensures that all applicable security aspects are addressed in a structured manner. Security aspects include a systematic approach to cybersecurity throughout the stages of specification, integration, operation, maintenance and decommissioning. Furthermore, IEC 62443 foresees that processes are established to facilitate all necessary technical security functions. Adapted to the relevant project scope, IEC 62443 lays the foundations for cybersecurity robustness throughout the product and system lifetime.

The implementation of IEC 62443 certification can also boost the competitiveness of the supplier and system integrator: A third-party certification demonstrates to asset owners and operators that the purchased component or system is based on a methodized and coherent approach to cybersecurity, in line with industry best practice.

Our Iec 62443 Certification Services

TÜV SÜD is one of the first companies to provide certifications according to IEC 62443. Suppliers and system integrators worldwide partner with us to confirm their compliance to applicable process requirements as laid out in the standard. 

The IEC 62443 standard addresses security processes along the complete supply chain. For product suppliers, TÜV SÜD provides certification services based on IEC 62443-4-1 Secure Product Development Lifecycle. The standard applies to the supplier’s overall security programs, and to the security processes connected to the development of the relevant component and control system.

Corresponding certifications are available to system integrators based on IEC 62443-2-4 Security Program for Service Providers. In this case, the compliance of generic processes, as well as compliance of security processes for a reference architecture or blueprint, can be verified by our experts.

During the certification process, the auditor executes a conformity assessment based on document reviews, interviews and on-site audits. When compliance with standard requirements has been confirmed, the certification concludes with the issuance of a report and the TÜV SÜD certification mark. An annual surveillance audit is required to maintain the validity of the certification. 

Beside the generic process aspects during product development and system integration, the IEC 62443 standard specifies technical security requirements to components and systems. These technical requirements are described in IEC 62443-4-2 and IEC 62443-3-3. The assessment of both process and technical requirements are the basis for the certification of components and systems, respectively.

Training Course

Our expert training course introduces you to the topic of IT security based on the IEC 62443 family of standards, taking into account issues related to control and automation systems.

EXPLORE

IEC 62443 Industrial Cybersecurity
Webinar

IEC 62443 Industrial Cybersecurity Benefits

Discover how IEC 62443 can help your organization

Learn More

IEC 62443 and Industrial Security
Stories

Mitigate Security and Safety Risks with IEC 62443

Discover the impact cyber-physical systems are having on industries globally

Learn More

Key Priorities for Industrial and IIoT Security
White paper

Key Priorities for Industrial and IIoT Security

Learn best practices for industrial cybersecurity

Learn More

VIEW ALL RESOURCES

Next Steps

Select Your Location

Global

Americas

Asia

Europe

Middle East and Africa