With the increasing connectivity of production plants, new hazards arise that must be included in the risk management processes of plant operators, machine or control system manufacturers. TÜV AUSTRIA offers a comprehensive solution portfolio and certification audits according to the IEC 62443 standard.
The IEC 62443 international standard series addresses the cyber security of Industrial Automation and Control Systems, taking a holistic approach that covers the entire lifecycle. Safety and security are equally mapped to ensure maximum security.
As part of cyber security risk management, risk assessments for machines and production facilities are expanded to include aspects of IT network and software/application risks. Cyber security risk management focuses in particular on the availability of the plants, SECURITY, and thus possible negative economic effects, while the analyses from the Health, Safety and Environment (HSE) perspective primarily assess risks with regard to human integrity and influences on the environment (SAFETY).
The interplay of measures from Cyber Security and HSE assessments thus provides a comprehensive picture of the measures taken to identify any incidents and take planned countermeasures.
Andreas Köberl, Managing Director of TÜV TRUST IT TÜV AUSTRIA GMBH, the IT/OT Security specialist of TÜV AUSTRIA Group: “Many companies, especially small and medium-sized enterprises, have little knowledge regarding cyber security and even less expertise regarding current norms and standards. That’s why we offer operators and manufacturers of machinery and equipment customized solutions to increase security in industrial network infrastructures.”
TÜV AUSTRIA’s security experts analyze and evaluate existing infrastructures, develop security concepts to protect systems, provide implementation support and offer certification audits in accordance with the IEC 62443 standard. “The goal is to ensure that all systems function smoothly with each other and downtime due to unauthorized access is prevented,” says Köberl.
Alexander Zeppelzauer, authorized signatory of TÜV TRUST IT, adds that the IEC 62443 audit allows companies to demonstrate their use of current cyber security standards for networked industrial systems and thus certify that they give high priority to the issue of IT security. “The clear benefit of higher resilience, the proof of being able to fend off attacks appropriately and thus produce securely, also brings competitive advantages, as it increases customers’ confidence in their own products.”
Köberl and Zeppelzauer emphasize that when introducing new products or setting up a new production environment, it is essential to refer to the IEC 62443 security standard for guidance on security-related issues. A worthwhile investment. TÜV AUSTRIA is a reliable IEC 62443 partner.