FDA recognizes ISA/IEC 62443 cyber security standard

March 5, 2014 - The Automation Federation announced that the US Food and Drug Administration (FDA) incorporated ISA’s ISA/IEC 62443 series of industrial automation and control systems (IACS) security standards on the administration’s recognized consensus standards list.

The FDA recognizes industry standards developed by international and national organizations in satisfying portions of device pre-market review submissions and other requirements. In addition, the FDA’s list of recognized consensus standards guides manufacturers who elect to declare conformity with industry benchmarks and to meet certain requirements for medical devices.

The FDA cites the ISA/IEC 62443 series of standards in its publication entitled “Modifications to the List of Recognized Standards, Recognition List Number 032.” More information on recognized standards can be found through the FDA’s searchable database.

Developed through the work of the ISA Committee on Security for Industrial Automation & Control Systems (ISA99), the ISA/IEC 62443 standards are designed to prevent and mitigate potentially devastating cyber damage to industrial plant systems and networks—commonly used in transportation grids, power plants, water treatment facilities, and other vital industrial settings.

“The FDA’s recognition of ISA/IEC 62443 serves as another major validation by a United States federal agency on the importance of these vital industrial cybersecurity standards,” asserts Terry Ives, Automation Federation Chair and the 2013 ISA President. “Every member of the ISA99 Committee is to be commended for helping to develop these important industrial safeguards, which are being adopted throughout the world.”

Because of their ability to apply to all key industry sectors and critical infrastructure, the ISA/IEC 62443 standards are integral components of the US Cybersecurity Framework, a national cybersecurity initiative officially launched last month in Washington, DC by President Obama.

In fact, ever since the president called for the formation of the US Cybersecurity Framework slightly over a year ago, representatives of the Automation Federation, ISA’s umbrella organization, as well as ISA have been advising the Obama administration—at the White House’s request—on the value of industrial cybersecurity standards and the importance of incorporating them as core framework guidelines.

Cybersecurity experts across the globe regard ISA’s IACS security standards as essential safeguards because they focus on proper control system functioning, plant protection and operations, and time-critical systems response. Without these safeguards in place, industrial cyberattack can result in plant shutdown, operational and equipment impairment, significant economic and environmental damage, and public endangerment.

The ISA Security Compliance Institute independently assesses products to ensure conformity with the ISA/IEC 62443 series of IACS security standards

The ISA Security Compliance Institute (ISCI), an affiliate of ISA, is committed to ensuring that industrial automation and control devices and equipment conform to ISA’s ISA/IEC 62443 series of industrial cybersecurity standards.

Owners of manufacturing plants and operators of critical infrastructure know that the IACS components and systems they purchase with the ISASecure designation are resilient against network attacks and are free from known security vulnerabilities.

About the Automation Federation
The Automation Federation is a global umbrella organization of sixteen (16) member organizations and six working groups engaged in automation activities. The Automation Federation enables its members to more effectively fulfill their missions, advance the science and engineering of automation technologies and applications, and develop the workforce needed to capitalize on the benefits of automation. The Automation Federation is the “Voice of Automation.”

About ISA
Founded in 1945, the International Society of Automation (www.isa.org) is a leading, global, nonprofit organization that is setting the standard for automation by helping over 30,000 worldwide members and other professionals solve difficult technical problems, while enhancing their leadership and personal career capabilities. Based in Research Triangle Park, North Carolina, ISA develops standards; certifies industry professionals; provides education and training; publishes books and technical articles; and hosts conferences and exhibitions for automation professionals. ISA is the founding sponsor of The Automation Federation.