The standard ETSI EN 303 645 is evaluated following the guidelines of ETSI TS 103 701, which describes how a conformity assessment is performed in a structured and comprehensive way. This will allow supplier organizations such as manufacturers, vendors or distributers to assess the compliance of their devices against ETSI EN 303 645. The technical specification that offers ETSI TS 103 701 helps to harmonize evaluation methodologies and support manufacturers, suppliers and implementers for their internal security processes.
The IEC 62443 standard is the main international reference framework for the cybersecurity of industrial systems and specifies a series of measures against cyber-attacks. It also provides a lingua franca for the industrial ecosystem (manufacturers, integrators and test laboratories). Is the only reliable solution for testing the cybersecurity of components in the field of industrial automation.
This methodology provides, among other, these advantages:
There are currently 5 products included in this taxonomy, all of them assessed by jtsec. Access to this category does not require making a Security Declaration and passing a LINCE, Common Criteria or CPSTIC assessment, but it does require passing penetration tests to verify that the tool complies with minimum security standards.
This peculiarity makes the process less costly for the client, in terms of money, staff resources and time.
Some weeks ago, we started a very special project, called ENJAMBRE and we are very proud to collaborate with valuable companies such as Fidesol, Nazaries Intelligenia, Grupo Trevenque, Smart City Cluster and Ontech. The first stage, the one explained in this blog, will end by 28 April 2023.
A few days ago, we ended 2022, starting a very exciting 2023 for the whole jtsec team, in which we have no doubt that there will be very interesting projects and challenges. Looking back at the year that has ended, we have seen the incredible evolution that the LINCE methodology has had and the more than significant number of solutions included in the CPSTIC / CCN-STIC 105 catalogue. Therefore, we would like to make a brief summary of our contribution at this point.
