Aramco Services Company Joins the ISA Security Compliance Institute

World-leading oil and gas services company demonstrates support for the ISASecure® industrial controls cybersecurity certification programs

Research Triangle Park, North Carolina, USA (11 July 2014) –The ISA Security Compliance Institute Institute announces that Aramco Services Company, the North American-based services division of Saudi Aramco, the state oil company of Saudi Arabia, has joined the ISA Security Compliance Institute. 

Established in 1950, Aramco Services Company (ASC) is the US-based subsidiary of Saudi Aramco, the state-owned oil company of the Kingdom of Saudi Arabia and a fully integrated, global petroleum and chemicals enterprise. ASC’s geographical area of responsibility extends throughout North America, with operations in the US and Canada, and selected activities in South America.

ASC conducts a wide range of services to help Saudi Aramco facilitate the safe and reliable delivery of energy to customers around the globe. Core services include identifying upstream and downstream technologies, best practices and potential technology partners for Saudi Aramco; working with suppliers and vendors to provide Saudi Aramco with goods and services; providing business management services to Saudi Aramco project teams operating in North America, and conducting quality inspections for materials and equipment procured for Saudi Aramco. The company also manages Saudi Aramco exhibits at energy-industry trade shows.

“Aramco Services Company has tremendous experience in the oil and gas industry.”  said Andre Ristaino, Managing Director, ISA Security Compliance Institute, “and we look forward to their support as the ISASecure certification scheme extends its coverage.”

About the ISASecure™ Cybersecurity Certification Program

The ISASecure™ program has been developed by the ISA Security Compliance Institute (ISCI) with a goal to accelerate industry-wide improvement of cyber security for Industrial Automation and Control Systems (IACS). It achieves this goal by offering a common industry-recognized set of device and process requirements that drive device security, simplifying procurement for asset owners and device assurance for equipment vendors.

ISASecure Embedded Device Security Assurance Certification (ISASecure EDSA), the first ISASecure certification, focuses on security of embedded devices and addresses device characteristics and supplier development practices for those devices. Through this certification, an embedded device that meets the requirements of the ISASecure specifications receives the ISASecure EDSA certification—a trademarked designation that provides instant recognition of product security characteristics and capabilities.   The second and third certifications include the System Security Assurance (SSA) and Security Development Life Cycle Assurance (SDLA).

The ISASecure certification program is an ISO/IEC Guide 65 conformance scheme (transitioning to ISO/IEC 17065) supporting ISCI’s goal to operate a globally recognized industrial automation controls cyber security certification program. This third-party accreditation by ANSI/ACLASS enhances the credibility and value of the ISASecure certification by attesting to the competence and qualification of ISCI certification bodies and laboratories. Visit www.ansi.org/isasecure for details on the ISASecure ANSI/ACLASS accreditation process.

About the ISA Security Compliance Institute

Founded in 2007, the ISA Security Compliance Institute’s mission is to provide the highest level of assurance possible for the cyber security of industrial automation control systems.

The Institute was established by thought leaders from major organizations in the industrial automation controls community seeking to improve the cyber security posture of Critical Infrastructure for generations to come. Members include Chevron, ExxonMobil, Honeywell, Invensys/Schneider, and Yokogawa, exida, IPA-Japan, CSSC and, Codenomicon.

The Institute’s goals are realized through industry standards compliance programs, education, technical support, and improvements in suppliers’ development processes and users’ life cycle management practices. The Institute’s ISASecure™ designation ensures that industrial automation control products conform to industry consensus cyber security standards such as IEC ISA/IEC 62443, providing confidence to users of ISASecure products and systems and creating product differentiation for suppliers conforming to the ISASecure specification. www.isasecure.org  

ISASecure® is a trademark of the ISA Security Compliance Institute.
ISCI press contact:
Andre Ristaino
919-990-9222