The ISA Security Compliance Institute (ISCI, www.isasecure.org) announced on Nov. 11 that exida (www.exida.com), a Sellersville, Pa.-based safety and security services firm, has earned provisional accreditation for providing ISASecure EDSA Certification services under ISCI’s globally recognized cyber-security conformance scheme.
exida is the first certification lab to achieve ANSI/ACLASS accreditation for the ISASecure EDSA Certification program, the ISCI said. ACLASS is one of two brands of the American National Standards Institute-American Society of Quality (ANSI-ASQ) National Accreditation Board.
ISASecure EDSA (for Embedded Device Security Assurance) Certification focuses on security of embedded devices, and addresses device characteristics and supplier development practices for those devices. An embedded device that meets the requirements of the ISASecure specifications receives the ISASecure EDSA certification—a trademarked designation indicating product security characteristics and capabilities. ISCI developed the ISASecure EDSA Certification within the framework of the International Society of Automation’s ISA99 Industrial Automation and Control Systems security standards.
“exida is a highly respected organization staffed with some of the industry’s most talented engineers in the fields of safety and security,” said Andre Ristaino, ISCI managing director. ”With operating sites located strategically around the globe, exida establishes the operational foundation for ISCI’s internationally recognized cyber-security certification program.”
Three elements
Suppliers seeking to certify embedded devices are directed to contact exida, who will conduct certifications on behalf of ISCI. The certification consists of three elements: a device Functional Security Assessment (FSA), a device Communication Robustness Test (CRT), and an organizational Software Development Security Assessment (SDSA).