Companies follow control system / safety system integration pattern
Wurldtech and exida partner to provide cyber security certification for larger integrated systems.
As process safety systems are becoming increasingly integrated with process control systems, it follows any system connected one way or another to the Internet provides potential attack vectors .
With that in mind, it’s no surprise that companies involved in the safety arena are paying more attention to cyber security concerns. So there’s logic to the idea that two companies that are highly visible in their respective specialties should combine their resources. Wurldtech Security Technologies and exida have done just that and announced a partnership that will allow exida to use Wurldtech’s Achilles cyber security testing and certification tools as it evaluates and certifies safety systems. The companies also say that this will create a foundation for ongoing joint developments.
“The Achilles Certified brand is trusted globally as a benchmark for security and its adoption has resulted in a significant improvement in the security and reliability of global critical infrastructures,” says Tyler Williams, Wurldtech president. “By partnering with exida, we are able to expand our current program into new markets and leverage their safety expertise to jointly evolve the program to meet the certification needs of the automation industry today and into the future.”
This partnership was formed in response to customer requests to expand the current Achilles program and include new categories such as control applications, industrial networking infrastructure, and both operator integration and vendor development processes. By combining security certification criteria, technology, and expertise with well-established policies, procedures, and best practices from the safety industry, Wurldtech and exida will be able to offer a comprehensive and streamlined certification process to the global industrial automation industry.
Exida considers this particularly important since it has found actual safety system installations that passed certification to IEC 61508 still contained possible cyber attack vulnerabilities that surfaced during more extensive evaluation. Similarly, even though many control systems have been certified on the OEM level using Achilles testing, vulnerabilities can be opened during installation and integration with the safety system, so exida contends that it is critically important to test the whole system as installed and integrated.
“Process control system operators want to minimize risk and maximize uptime and suppliers want to be first to market with certified, reliable systems,” says John Cusimano, exida director of security services. “By bringing the safety and cyber security certification processes together, operators and suppliers have a single source for all of their certification needs.”
Read an earlier story on Achilles testing .
Peter Welander, process industries editor
Control Engineering News Desk
Register for free topical eNewsletters on automation, controls, and instrumentation .