Schneider Electric Achieves ISASecure Security Development Lifecycle Assurance Certification

Three product development sites are world’s first to reach important industry benchmark

Schneider Electric, a global specialist in energy management and automation, has received an ISASecure Security Development Lifecycle Assurance (SDLA) conformance certificate from exida, LLC, an ISASecure ISO 17065 accredited certification body.

This first-of-its-kind certificate applies to Schneider Electric’s Process Automation business product development centers in Foxboro, Mass., Worthing, U.K., and Hyderabad, India. It is based on international cybersecurity standards and was developed to accelerate industry-wide cybersecurity improvement for industrial automation and control systems (IACS).

“The ISASecure SDLA certification demonstrates Schneider Electric’s long-standing commitment to secure industrial automation and control systems, and it sets a major benchmark for the industry as a whole,” said Andre Ristaino, Managing Director of the ISA Security Compliance Institute (ISCI), a not-for-profit automation controls industry consortium that manages the ISASecure conformance certification program.

“We are proud to lead the way. Being the world’s first IACS provider to achieve this important benchmark is a testament to our commitment to delivering control and safety solutions that minimize system vulnerabilities and are resilient to cybersecurity threats,” said Raja Macha, vice president, research and development for Schneider Electric’s Process Automation business. “Addressing cybersecurity threats is a collaborative effort, however, so Schneider Electric continues to join forces with accredited certification and assessment bodies—like ISASecure and exida—to meet continuous cybersecurity demands.”

Cybersecurity is fundamental to Schneider Electric’s principles of helping its customers achieve more with fewer resources in a more connected world.

“The three certified Schneider Electric sites show they use a product development lifecycle in which cybersecurity considerations in all phases are part of their culture, demonstrating an institutionalized commitment to securing industrial automation and control systems,” said Chris O’Brien, principle partner at exida, an ISO 17065 certification body that is accredited by ANSI/ANAB to offer security certification of automation products per the ISASecure IACS Cybersecurity Assurance program.

The Schneider Electric ISASecure SDLA certificate may be viewed on the ISA Security Compliance Institute website at www.isasecure.org.

About Schneider Electric
A global specialist in energy management with operations in more than 100 countries, Schneider Electric offers integrated solutions across multiple market segments, including leadership positions in utilities & infrastructure, industries & machines manufacturers, non-residential buildings, data centers & networks and in residential. Focused on making energy safe, reliable, efficient, productive and green, the company’s 150,000 plus employees achieved sales of $31 billion in 2013, through an active commitment to helping individuals and organizations make the most of their energy.

About The ISA Security Compliance Institute (ISCI)
Founded in 2007, the ISA Security Compliance Institute’s mission is to provide the highest level of assurance possible for the cyber security of industrial automation control systems (IACS).

The Institute was established by thought leaders from major organizations in the industrial automation controls community seeking to improve the cyber security posture of Critical Infrastructure for generations to come. ISCI Members include Chevron, ExxonMobil, Aramco Services, Honeywell, Invensys (now Schneider Electric), Yokogawa, exida, Codenomicon, CSSC, and IPA-Japan.

The Institute’s goals are realized through industry standards compliance programs, education, technical support, and improvements in suppliers’ development processes and users’ life cycle management practices. The ISASecure designation ensures that IACS products conform to industry consensus cyber security standards such as IEC 62443, providing confidence to users of ISASecure products and systems and creating product differentiation for suppliers conforming to the ISASecure specification. For more information, visit www.isasecure.org.