September 10, 2021

FM Approvals Cyber Security Accreditation for Industrial Control Systems

FM Approvals' new state-of-the-art industrial control systems (ICS) cyber security laboratory has recently received accreditation from ISASecure as a Certification Body (CB) for:

  • CSA 100 - Component Security Assurance
  • SSA 100 - System Security Assurance 
  • SDLA 100 - Security Development Lifecycle Assurance

The ISA Security Compliance Institute (ISCI) is a not-for-profit automation controls industry consortium that manages the ISASecure™ conformance certification program. The ISASecure™ designation is earned by industrial control suppliers for products that demonstrate adherence to industry consensus cyber security specifications for security characteristics and supplier development practices. The ISASecure program is based upon the ICS security lifecycle as defined in ISA/IEC 62443.

FM Approvals' new cyber security laboratory, located in Norwood, Massachusetts and staffed with a dedicated team of cyber security and industrial control experts, is a fully virtualized security test environment, hosting its own servers and specially designed cyber security test stations. The lab is configured to efficiently evaluate multiple ICS products in parallel for compliance with the applicable cyber security standards. ICS products that successfully complete FM Approvals' ISASecure evaluation program will bear the FM Diamond along with a specific security level which signifies that the ICS product is robust against cyber-attacks and free from known vulnerabilities. These ICS products will be listed in a special ICS Cyber Security section of the Approval Guide.

FM Approvals has also received approval from the Standards Council of Canada (SCC) for scope modification within the Laboratory Accreditation Program (LAP) to reflect the addition of:

  • EN IEC 62443-3-3 Industrial Communication Networks – Network and system security – Part 3-3:  System security requirements and security levels
  • EN IEC 62443-4-1 Security for industrial automation and control systems – Part 4-1: Secure product development lifecycle requirement
  • EN IEC 62443-4-2 Security for industrial automation and control systems – Part 4-2: Technical security requirements for IACS components

The Standards Council of Canada is a leading accreditation organization that ensures conformity assessment bodies meet the highest national and international standards against nationally and internationally recognized standards.

If you have a question regarding an FM Approval of industrial control systems for cyber security, please send an email to information@fmapprovals.com or contact Keith Blackman directly at keith.blackman@fmapprovals.com or +1 781 255 4814.