ISCI developed ISASecure® EDSA certification specifications using the framework of the ISA62443 standards. ISASecure® EDSA certification operated by ISCI as a scheme owner is a certification scheme that focuses on the security of embeded devices and contains the following three evaluation elements:
- Software Development Security Assessment(SDSA): security assessment conducted during each phase of software development processes
- Functional Security Assessment(FSA): security assessment conducted for security function implementation
- Communication Robustness Testing(CRT)
1. SDSA：Software Development Security Assessment
- Software development process for the target control device is assessed.
- The development documents(plan and artifacts) and reviewed records(PDCA process validation and record verification) are assessed.
An auditor from a certification body will visit a site, where the documents submitted for the certification will be assessed and developer are interviewed.
During SDSA, it is assessed if security activities are implemented accoring to, for instance, V-Model of development process shown in the figure below. The purpose of this assessment is to promote introduction of security into software development life cycle.
2. FSA：Functional Security Assessment
- Functional security for target control device is assessed.
- Based on EDSA-311requirements, the control device is examined about functions, initialization configuration and so on assessed if they are conformed or not.
- Validation by Independent Test : The requirements partly need to be examined by using the real product testing.
Based on the documents submitted especially for the audit and the test results of the control device, the audit is carried out by the auditor from the certification body. Main requirements for the audit are shown in the table below.
3. CRT：Communication Robustness Testing
- The service is examined if it was continually maintained, even after ISCI approved testing device sent testing packets to DUT(Device Under Test).
- The pass/fail criteria is based on whether six essential services(see below) are maintained or not. During this step, not only controller but also HMI related devices will need to be prepared actually.
- During CRT testing, a testing device recognized by ISCI is used. Please see the following URL.
An auditor from the certification body will carry out the communication robustness testing above on the control device brought into the certification body.
The communication protocols currently consist of the following six types for the target communication robustness testing.
- IEEE 802.3(Ethernet）