Exida offers combined certification for safety, security
Making the case for its integrated testing and certification program, exida argues that discrete testing and safety standard approaches may not adequately reflect more complex needs of users in critical applications.
Exida, a global supplier of functional safety, security, and alarm management services and certifications, has begun offering an integrated testing package, which the company says evaluates the most important attributes of an automation product - functional safety, functional security, and availability. The move could help improve safety, functional security, and availability related to automation system integration and process control software upgrades implementations.
Exida says its Functional Integrity Certification is the only independent, third party assessment that examines functional safety, security, and availability attributes of an automation product through assessment of its design, testing and manufacturing. The program also scrutinizes how a product performs under stress, in the field and over time.
"Functional Integrity Certification helps automation suppliers demonstrate the safety, security and reliability of their products," says Dr. William Goble, exida principal partner. "This also saves engineering time and money through a streamlined, single source assessment process. In turn, prospective buyers are provided with objective information to help guide their purchasing decisions."
Rainer Faller, exida principal partner and CEO adds, "This program follows our open assessment policy. Technical assessment reports are openly available on the exida web site ."
For functional safety, a product and its development process are evaluated per the international standard IEC 61508 to determine its Safety Integrity Level (SIL). The SIL level is a measure of the probability that a product will perform its intended protection function when needed.
Functional security assesses a product's resiliency to intentional or accidental manipulation that could cause it to behave differently than was intended. A combination of network robustness testing, security feature assessment, and software development process assessment helps detect and avoid vulnerabilities and systematic design faults. The certification is based on the ISA Security Compliance Institute (ISCI) Embedded Controller Security Assurance (ECSA) test specification.
Finally, an availability assessment ensures the dependability of automation products in critical applications. Exida uses modeling and probabilistic methods, combined with empirical data, to help predict product reliability.
Exida's contention is that while all three testing methods are important in their own context, certifying a product using them together reflects the real-life situation of a device and control network having to withstand stresses from multiple directions at the same time. For example, the ability of a safety device to fulfill its functions could be compromised by security threats and bad traffic on a network. Integrated testing and certification is intended to reflect these more complex relationships. The success of this approach will depend on customers accepting the idea and requiring such testing from their vendor communities.
Also see other:
- Control Engineering functional safety coverage.
-Edited by Peter Welander, process industries editor, PWelander@cfemedia.com
Control Engineering Process & Advanced Control Monthly eNewsletter
Register here to select your choice of free eNewsletters .