ISA NEWS RELEASE
Contact: Jennifer Infantino
ISA Security Compliance Institute Proposed
Research Triangle Park, NC (2 July 2007) - At a May 2007 meeting with the ISA-sponsored Automation Standards Compliance Institute (ASCI), an ad-hoc group of influential asset owners and suppliers of industrial automation technology and services moved forward with a plan to establish an ISA Security Compliance Institute.
The group established the mission for the proposed organization, which is to decrease the time, cost and risk of developing, acquiring, and deploying control systems by establishing a collaborative industry-based program among asset owners, suppliers, and other stakeholders.
The program will:
* Facilitate the independent testing and certification of control
system products to a defined set of control system security standards;
* Use existing control system security industry standards where
available, develop or facilitate development of interim standards where they don't already exist, and adopt new standards when they become available;
* Accelerate the development of industry standards that can be
used to certify that control systems products meet a common set of security requirements.
The standards, tests and conformance processes for control systems products will allow the products to be securely integrated. An ultimate goal of the organization is to push the conformance testing into the product development life cycle, so that the products are more intrinsically secure.
The rewards to the automation controls industry and consortium members are significant. For asset owners, a well designed and managed product security certification process results in reduced costs and time commitment in product selection and deployment. For suppliers and integrators, the certification process provides a single conformance framework and an industry stamp of approval, resulting in faster time to market and lower development and integration costs. For the standards bodies and government agencies developing industrial security specifications, the result will be better, field-tested standards that are clearly being followed by industry.
"The ISASecure designation that is expected to arise from the effort will identify and promote security standards conformant products and systems," said ASCI managing director Andre Ristaino. "Certification provides the formal recognition of a product's conformance to an industry standard security specification, creating a key differentiator for the product."
A membership prospectus summarizing the ISA Security Compliance Institute program scope, member benefits, and member commitments is being distributed to leading suppliers and users of automation controls.
The prospectus solicits Founding Strategic Members, who will provide strategic direction and funding necessary to launch the activity. The due date for membership applications is September 1, 2007. The consortium has a 21 month launch plan, with conformance certifications slated to begin in June 2009.
The ISA Security Compliance Institute will be managed by ISA through ASCI, in partnership with The Open Group, who will provide certification management expertise.
Please visit the ASCI website at www.isa.org/asci for more information about the Automation Standards Compliance Institute.
Visit the ISA Security Compliance Institute (ISCI) website at www.isa.org/ISASecure for more information about the control systems security initiative.
The Automation Standards Compliance Institute is an ISA-owned non-profit organizational entity that will assess automation-related standards compliance. The institute's charter includes a wide range of standards compliance assessments including software or hardware products, implementation methods, solutions, companies and individuals.
About The Open Group
The Open Group is a vendor-neutral and technology-neutral consortium, which drives the creation of Boundaryless Information Flow(tm) that will enable access to integrated information within and between enterprises based on open standards and global interoperability. The Open Group works with customers, suppliers, consortia and other standard bodies.
Its role is to capture, understand and address current and emerging requirements, establish policies and share best practices; to facilitate interoperability, develop consensus, and evolve and integrate specifications and open source technologies; to offer a comprehensive set of services to enhance the operational efficiency of consortia; and to operate the industry's premier certification service. Further information on The Open Group can be found at http://www.opengroup.org.
Note to Editors: Boundaryless Information Flow and TOGAF are trademarks of The Open Group. All other company, brand and product names may be trademarks or registered trademarks of their respective holders.
Founded in 1945, ISA (www.isa.org) is a leading, global, nonprofit organization that is setting the standard for automation by helping over 30,000 worldwide members and other professionals solve difficult technical problems, while enhancing their leadership and personal career capabilities. Based in Research Triangle Park, North Carolina, ISA develops standards; certifies industry professionals; provides education and training; publishes books and technical articles; and hosts the largest conference and exhibition for automation professionals in the Western Hemisphere. ISA is the founding sponsor of The Automation Federation (www.automationfederation.org).