IEC 62443-4-1 Consulting
ISA/IEC 62443-4-1 standard, Product Security Development Life-Cycle Requirements specifies the process requirements for the secure development of products used in an IACS and defines a secure development life-cycle for developing and maintaining secure products. The lifecycle includes the definition of security requirements, secure design, secure implementation (including coding guidelines), verification and validation, defect management, patch management and end-of-life of the product.
These requirements may apply to new or existing hardware, software or firmware development, maintenance and retirement processes. The requirements apply to the developer and maintainer of a product, but not to the integrator or user of the product.
It has 8 practices covering a total of 47 requirements, as shown in this table: IEC 62443-4-1 Practices & Requirementes.pdf
IEC 62443-4-2 Consulting
ISA/IEC 62443-4-2, Security for Industrial Automation and Control Systems (Security technical requirements for IACS components). It specifies the technical cybersecurity requirements to be evaluated for the components that comprise an IACS device, in particular embedded devices, network components, host components and software applications. The standard establishes the security capabilities that enable a component to mitigate threats for a given level of security without the aid of compensatory countermeasures.
10 REASONS FOR CHOOSING JTSEC
- We assure you a fixed price from the beginning, avoid surprises!
- Time to market, a support engineer is always available for projects, ensuring we meet deadlines and expectations.
- Editors in the ERNCIP thematic group for "Industrial Automation & Control Systems (IACS)".
- IECEE CB authorized laboratory
- Customized approach adapted to your needs
- More than 15 years of experience in cybersecurity evaluation and consultancy.
- Continuous in-house training to be always up to date with regulations.
- ECSO members in the Working Group "Standardization, Certification and Supply Chain Management".
- ISO members in different standardization projects.
- Contributors in CCI (Centro de Ciberseguridad Industrial), the most important Spanish association in the industrial sector.
What do we offer?
-
GAP ANALYSIS
We assess the current status of your product and its documentation, informing you about the changes you need to make before proceeding with the development/certification process.
This service is very interesting in industrial cybersecurity, as specific requirements must be met and understood clearly, avoiding problems in the later stages of the development process.
-
INDUSTRIAL CYBERSECURITY CONSULTANCY
Drafting the necessary documentation in a timely manner is a difficult task. We provide comprehensive support to help you comply with IEC 62443-4-1 62443-4-2 standards.
With this service we will generate all the necessary documentation and assist you in the development of both the life cycle of your product and the component itself, saving you time, money and resources.
Achieving 62443 certification can be a significant challenge for an organization, jtsec assists you throughout the process to meet your security objectives. This service can include gap analysis, document preparation or security design review.
-
TRAINING
If you need your team to learn more about industrial cyber security, we have provided many clients with customized training sessions, tailored to different levels and durations. Our training days often include hands-on workshops if required by the client.