Beyond Security’s beSTORM to be used by ISASecure

  • September 09, 2015
  • ISA
  • News

September 9, 2015 – Beyond Security’s beSTORM software security testing tool can be used by certification bodies in the ISASecure industrial automation and control system (IACS) cybersecurity certification program.

Communication Robustness Testing (CRT) is one of four dimensions of embedded device certification. CRT tools are also used for network stress testing during system level certifications. With this recognition, Beyond Security joins the growing list of cybersecurity organizations supporting the ISASecure certification scheme.

beSTORM is a commercial, black box, intelligent fuzzer that performs dynamic security testing of products in development and can be used by network administrators to certify the security of networked applications before deployment. Software QA departments that may be using a dozen different tools to test application security can now get all dynamic security testing done with just one. Administrators who must certify applications before deployment can now use a single tool to test all networked applications—even those with proprietary protocols.

ISCI publishes CRT test tool recognition requirements for evaluating CRT test tools submitted by suppliers for use in the ISASecure certification program. CRT test tools that have been formally recognized by ISCI may be used by ISASecure certification bodies for use in the CRT portion of the ISASecure EDSA and ISASecure SSA certifications.

The ISASecure tool recognition process confirms that the product’s test suites meet the ISASecure CRT requirements and are capable of consistently executing ISASecure certification tests.

ISCI recomends that suppliers use ISCI-recognized CRT test tools during the product development and testing phases to identify and correct network-based security vulnerabilities. Using recognized CRT tools during the development process also aids suppliers in preparing for the formal ISASecure EDSA certification assessment.

"We are pleased that the Beyond Secuity team has presented beSTORM for recognition as an ISASecure CRT testing tool," said Andre Ristaino, ISCI Managing Director. “It requires a long-term commient to the ISASecure global certification scheme, and we’re happy to have beSTORM recognized and on board.”

About the ISA Security Complliance Institute (ISCI) Founded in 2007, the ISA Security Compliance Institute’s mission is to provide the highest level of assurance possible for the cyber security of industrial automation control systems (IACS).

The Institute was established by thought leaders from major organizations in the industrial automation controls community seeking to improve the cyber security posture of critical Infrastructure for generations to come. ISCI Members include Chevron, ExxonMobil, Aramco Services, Honeywell, Invensys (now Schneider Electric), Yokogawa, exida, Codenomicon, CSSC, and IPA-Japan.

The Institute’s goals are realized through industry standards compliance programs, education, technical support, and improvements in suppliers’ development processes and users’ life cycle management practices. The ISASecure designation ensures that IACS products conform to industry consensus cyber security standards such as ISA/IEC 62443, providing confidence to users of ISASecure products and systems and creating product differentiation for suppliers conforming to the ISASecure specification. 

Learn More

Did you enjoy this great article?

Check out our free e-newsletters to read more great articles..