Industrial Cybersecurity Consulting

  • IECEE CB testing laboratory authorized for industrial cybersecurity
  • Leading experts in industrial cyber security certification
  • Industrial Cybersecurity Consulting
  • Editors in the ERNCIP thematic group for "Industrial Automation & Control Systems (IACS)".

Click here to find our talks related to IEC 62443 and other standards offered in the most relevant cybersecurity events
By sending your data you allow us to use it to resolve your doubts by sending you commercial information of interest. We will delete it when they are no longer necessary for this matter. Know your rights in our Privacy Policy.

IEC 62443-4-1 Consulting

ISA/IEC 62443-4-1 standard, Product Security Development Life-Cycle Requirements specifies the process requirements for the secure development of products used in an IACS and defines a secure development life-cycle for developing and maintaining secure products. The lifecycle includes the definition of security requirements, secure design, secure implementation (including coding guidelines), verification and validation, defect management, patch management and end-of-life of the product.

These requirements may apply to new or existing hardware, software or firmware development, maintenance and retirement processes. The requirements apply to the developer and maintainer of a product, but not to the integrator or user of the product.

It has 8 practices covering a total of 47 requirements, as shown in this table: IEC 62443-4-1 Practices & Requirementes.pdf

IEC 62443-4-2 Consulting

ISA/IEC 62443-4-2, Security for Industrial Automation and Control Systems (Security technical requirements for IACS components). It specifies the technical cybersecurity requirements to be evaluated for the components that comprise an IACS device, in particular embedded devices, network components, host components and software applications. The standard establishes the security capabilities that enable a component to mitigate threats for a given level of security without the aid of compensatory countermeasures.

10 REASONS FOR CHOOSING JTSEC

  1. We assure you a fixed price from the beginning, avoid surprises!
  2. Time to market, a support engineer is always available for projects, ensuring we meet deadlines and expectations.
  3. Editors in the ERNCIP thematic group for "Industrial Automation & Control Systems (IACS)".
  4. IECEE CB authorized laboratory
  5. Customized approach adapted to your needs
  6. More than 15 years of experience in cybersecurity evaluation and consultancy.
  7. Continuous in-house training to be always up to date with regulations.
  8. ECSO members in the Working Group "Standardization, Certification and Supply Chain Management".
  9. ISO members in different standardization projects.
  10. Contributors in CCI (Centro de Ciberseguridad Industrial), the most important Spanish association in the industrial sector.

What do we offer?

  1. GAP ANALYSIS

    We assess the current status of your product and its documentation, informing you about the changes you need to make before proceeding with the development/certification process.

    This service is very interesting in industrial cybersecurity, as specific requirements must be met and understood clearly, avoiding problems in the later stages of the development process.

  2. INDUSTRIAL CYBERSECURITY CONSULTANCY

    Drafting the necessary documentation in a timely manner is a difficult task. We provide comprehensive support to help you comply with IEC 62443-4-1 62443-4-2 standards.

    With this service we will generate all the necessary documentation and assist you in the development of both the life cycle of your product and the component itself, saving you time, money and resources.

    Achieving 62443 certification can be a significant challenge for an organization, jtsec assists you throughout the process to meet your security objectives. This service can include gap analysis, document preparation or security design review.

  3. TRAINING

    If you need your team to learn more about industrial cyber security, we have provided many clients with customized training sessions, tailored to different levels and durations. Our training days often include hands-on workshops if required by the client.

They already trusted us. Let's talk!