UL, a global safety science organization, announces its new Cybersecurity Assurance Program (UL CAP) for industrial control systems. Using the new UL 2900-2-2 Standard, UL CAP for industrial control systems offers testable cybersecurity criteria to help assess software vulnerabilities and weaknesses, minimize exploitation, address known malware, review security controls and increase security awareness.
UL CAP is for control system manufacturers looking for trusted support in assessing security risks while they continue to focus on product innovation to help build safer, more secure products, as well as for OEM's, machine tool builders, system integrators, and retrofitters who want to mitigate risks by sourcing products assessed by a trusted third party.
The Industrial Internet of Things (IIoT), Industry 4.0, is enabling more sophisticated capabilities through network-connected products and systems. As a result, industrial control systems are becoming more interconnected, connectable and networkable. The security, performance and financial risks impacting industrial control systems globally are the key drivers to develop new safeguards in an ever-changing security threat landscape faced with growing risks.
"We're aiming to support and underpin the innovative, rapidly iterating technologies that make up the IIoT with a security program," said Rachna Stegall, Director of Connected Technologies at UL. "The more industrial control systems become interconnected with other devices, the greater the potential security risks. The Cybersecurity Assurance Program's purpose is to help manufacturers, purchasers and end-users, both public and private, mitigate those risks via methodical risk assessments and evaluations."
The new UL CAP was developed with input from major stakeholders representing the U.S. Federal government, academia and industry to elevate the security measures deployed in the critical infrastructure supply chain. The White House recently released the Cybersecurity National Action Plan (CNAP), designed to enhance cybersecurity capabilities within the US government and across the country. UL's CAP services and software security efforts were recognized within the CNAP as a way to test and certify network-connectable devices within the Internet of Things supply chain and ecosystems especially relevant in critical infrastructures.
Want more information? Click below.