- TÜV Süd certified process for system integration and solution project processing in conformity with IEC 62443-2-4 and -3-3
- Security documentation in conformity with IEC 62443
- Implementation of certified solutions with Simatic PCS 7
- Standardized processes reduce outlay for customers
Siemens is the world’s first company to gain TÜV SÜD certification for the secure system integration of process automation and drive solutions in compliance with the international IEC 62443-2-4 standards. The integration projects, verified on the basis of two standard solutions in the oil & gas processing industry and in a waste incineration plant, have been certified in conformity with IEC 62443-2-4 and -3-3 and were implemented using the Simatic PCS 7 process control system. The projects involved process automation, drive solutions and comprehensive security measures and functions designed to deliver secure plant operation. The certification has a whole range of advantages to offer for customers: plant operators benefit from the precise definition of requirements, the implementation of standardized automation solutions and processes, and from the availability of documentation in conformance with standards. This documentation provides a vital foundation for verifying compliance with the technical requirements of the IT Security Act and other cyber security standards, for the sustainable improvement of IT and OT system security, and for guaranteeing the security of general supplies. The system solutions are used in sectors involving a critical infrastructure, such as waste management and the oil and gas industry.
At this year's SPS IPC Drives, Siemens was presented with three certificates by TÜV SÜD. The certification in compliance with IEC 62443-2-4 is based on the "Secure Solution Framework", a generic product processing and engineering process developed by Siemens, and the necessary security documentation.
Forming the essential basis for the IEC-62443-3-3 certification of standard solutions from Siemens are the Simatic PCS 7 process control system and the Simatic Net portfolio comprising switches, routers and firewalls.
The international IEC 62443 standard describes an IT security concept based on the multi-layered "Defense-in-Depth" approach. This entails the direct integration of device and system suppliers, system integrators and operators, making them an integral part of the overall solution. On the basis of the IEC 62443, companies are able to review potential weak spots in their control and management technology and develop effective protective measures.
Holistic security enables digitalization
To enable the further development of security-certified automation products and systems, Siemens is pursuing a holistic security approach. By gaining certification compliant to IEC 62443-2-4 and -3-3 for project processing in the industrial solutions sector, Siemens is demonstrating that its own automation solutions are based on the very latest international standards when it comes to cyber security, making them the ideal choice for secure system integration - to the benefit of its customers. With cyber security representing one of the most important building blocks of the digital transformation, simply relying on the security of certified products and systems is not enough. Alongside a secure operator concept, secure system integration and solution implementation in conformity with IEC62443 must form part of any truly secure solution.
For further information on Industrial Security, please see www.siemens.com/industrialsecurity
Siemens AG (Berlin and Munich) is a global technology powerhouse that has stood for engineering excellence, innovation, quality, reliability and internationality for more than 170 years. The company is active around the globe, focusing on the areas of electrification, automation and digitalization. One of the largest producers of energy-efficient, resource-saving technologies, Siemens is a leading supplier of efficient power generation and power transmission solutions and a pioneer in infrastructure solutions as well as automation, drive and software solutions for industry. With its publicly listed subsidiary Siemens Healthineers AG, the company is also a leading provider of medical imaging equipment – such as computed tomography and magnetic resonance imaging systems – and a leader in laboratory diagnostics as well as clinical IT. In fiscal 2018, which ended on September 30, 2018, Siemens generated revenue of €83.0 billion and net income of €6.1 billion. At the end of September 2018, the company had around 379,000 employees worldwide. Further information is available on the Internet at www.siemens.com.