At a May 2007 meeting with the ISA-sponsored Automation Standards Compliance Institute (ASCI, www.isa.org/asci), an ad-hoc group of asset owners and suppliers of industrial automation technology and services moved forward with a plan to establish an ISA Security Compliance Institute. The group established the mission for the proposed organization, which is to decrease the time, cost, and risk of developing, acquiring, and deploying control systems by establishing a collaborative industry-based program among asset owners, suppliers, and other stakeholders.
The program will:
* Facilitate the independent testing and certification of control system products to a defined set of control system security standards;
* Use existing control system security industry standards where available, develop or facilitate development of interim standards where they don”t already exist, and adopt new standards when they become available;
* Accelerate the development of industry standards that can be used to certify that control systems products meet a common set of security requirements.
The standards, tests, and conformance processes for control systems products are intended to allow the products to be securely integrated. An ultimate goal of the organization is to push the conformance testing into the product development lifecycle, so that the products are more intrinsically secure.
A membership prospectus summarizing the ISA Security Compliance Institute program scope, member benefits, and member commitments is being distributed to leading suppliers and users of automation controls. The prospectus solicits Founding Strategic Members, who will provide strategic direction and funding necessary to launch the activity. The due date for membership applications is September 1, 2007. The consortium has a 21-month launch plan, with conformance certifications slated to begin in June 2009.
The ISA Security Compliance Institute will be managed by ISA through ASCI, in partnership with The Open Group, who will provide certification management expertise. Visit the ISA Security Compliance Institute (ISCI) Web site at www.isa.org/ISASecure for more information about the control systems security initiative.
Courtesy of Flow Research
