Schneider Electric Achieves Industry-First ISASecure Level Two Security Development Lifecycle Assurance Certification

December 14, 2017

Schneider Electric, the leader in digital transformation of energy management and automation, has announced that its Calgary, Alberta and Lake Forest, California process automation product development centers have been certified by exida, a globally recognized ISO 17065 certification body.

Complementing exida’s first certificate for Security Development Lifecycle Assurance (SDLA), awarded to three of Schneider Electric’s product development centers in 2016, Schneider Electric is also the process automation industry’s first company to receive an ISASecure SDLA Level Two compliance certification, awarded to its Calgary location (view certificates here).

Based on rigorous assessments during the product development lifecycle, ISASecure SDLA certifications validate that the Schneider Electric solutions developed at certified centers maintain robust security capabilities, even as the products are upgraded and maintained over their lifespans. The ISASecure SDLA certification specifications are set by the ISA Security Compliance Institute (ISCI) based upon the ISA/IEC 62443 international cybersecurity standards. ISCI is the leading not-for-profit automation controls industry consortium dedicated to accelerating industry-wide cybersecurity improvement for industrial automation and control systems (IACS).

Extending market leadership in cybersecurity certification

“Achieving the standards required for the ISASecure SDLA certification reflects Schneider Electric’s commitment to setting industry benchmarks when it comes to securing industrial automation and control systems,” said Andre Ristaino, managing director, ISCI. “By obtaining certification at two additional key development sites, Schneider Electric is better equipped to help its customers avoid vulnerabilities and ensure the integrity of machines and operations through an industry-leading product development process.”

Five Schneider Electric development centers have now obtained SDLA certifications, with its Foxboro, Massachusetts; Worthing, U.K.; and Hyderabad, India, facilities being certified in May 2016. Since 2014, ISCI has also certified three Schneider Electric product solutions, including the company’s Triconex™ Communication Module TCM, Field Device Controller FDC280 and Field Control Processor 280.

Driving real-time cybersecurity enhancements from connectivity

“These certified development sites and products demonstrate our commitment to cybersecurity in every phase of the product development lifecycle, and prove that Schneider Electric continues to lead the way when it comes to helping our customers confront their cybersecurity challenges,” said Raja Macha, vice president, research and development, Process Automation, Schneider Electric. “Even though rapidly increasing levels of connectivity between assets and people are making our customers’ operations more vulnerable, our value-focused, secure IIoT products, complemented with robust cybersecurity services, enable them to control their safety and security risks so they can take advantage of all that connectivity.

“It’s another example of how we help our customers drive measureable improvements to their operations, safely and in real time, so they can convert their process automation investments into the profit engine of their business.”

For more information about the ISCI SDLA certifications, please visit: http://isasecure.org/en-US/Certification/IEC-62443-SDLA-Certification