SHANGHAI, Dec. 14, 2020 /PRNewswire/ — Recently, DEKRA issued the first CB international certificate of industrial cyber security according to the standard IEC62443 to Keiyip Engineering Co., Ltd in the Hong Kong electricity industry.
With the digitalization development in the power and energy industry, energy security upgraded from traditional concepts like physical security and functional security to network security, with increasing importance. On one hand, organizations can benefit from the IoT-enabled electrical power systems with an increase in productivity, profitability and energy saving. On the other hand, there are more risks from cyberattack due to the exposure of the key energy infrastructure in an open environment. For instance, in April 2020, the Portuguese energy giant Energias de Portugal (EDP) was hit by a ransomware attack with a ransom of $10.9 million demanded. In March 2019 in the U.S., a Utah-based renewable energy company was the victim of a rare denial-of-service attack (DoS) engineered through a vulnerability in the firewall. This cyberattack disrupted communication with several solar and wind installation. As evidence from the above examples, cyberattacks on power systems result not only in economic loss and damage to environment but also in loss of lives.
In this context, the international industrial cyber security standards, IEC 62443, which were jointly developed by committees of the International Standards Association (ISA) and the International Electrotechnical Commission (IEC), are increasingly more widely adopted by international product suppliers, system integrators and asset owners / operators and designers. The ISA/IEC 62443 Series addresses all security aspects of IOT-enabled systems throughout their entire lifecycle, implementing the principle of "secure by design" based on the security strategy of "defense in depth".
The IEC 62443 Series of Standards has now been integrated in the IECEE CB Scheme, and will be integrated into the forthcoming Common Regulatory Framework on Cybersecurity (CRF) by the United Nations Economic Commission for Europe (UNECE). The IEC 62443 Series has been widely recognized in numerous countries / regions including the U.S., Europe, Middle East, Japan, Korea, Singapore, Australia, India, etc., and often has been directly adopted as local standards. In China, it is currently in the process of being converted into GB standards.
As a longstanding manufacturer based in Hong Kong with more than forty years of history, Keiyip Engineering Co., Ltd. is an approved supplier of electrical services recognized by the Hong Kong SAR Government and a long-term partner of Siemens AG. The successful obtainment of the IEC 62443 CB Cyber Security Certificate is proof of KEIYIP’s capability in Power Management System (PMS) development and integration, including staffing, solution assurance, data protection, remote access, event management, account management, malware protection, patch management, backup and restore, etc. IEC62443 is not only a set of implementation standards for certification, but also a comprehensive set of instructions. It simplifies the implementation method and process of integrating cyber security into IoT-enabled products. Awarding the IEC 62443 certificate to KEIYIP demonstrates that, even in traditional industries such as the electrical industry or other general businesses, it is possible to employ these standards to enhance the cyber security of products in face of the challenges of the age of IoT.
As the world’s leading testing, inspection and certification organization, DEKRA has more than 15 years of professional experiences in cyber security testing and certification. In 2017 DEKRA was recognized as the first European organization to perform assessments and issue certificates according to IEC 62443.In 2019, DEKRA was selected by the European Union Agency for Cybersecurity (ENISA) as one of the five vendors for the support services related to the EU cyber-security certification framework. DEKRA as cyber security expert, actively participated in the international standardization committees of cyber security e.g. ISO/IEC JTC 1/SC 27/WG 3, UNE SC 27, CEN/CLC/TC 013, Common Criteria Users Forum, OmniAir Cybersecurity Working Group, and ISO/SAE AWI 21434. DEKRA is committed to meeting all safety requirements throughout the product life cycle, helping manufactures continue to improve the product quality, and doing the best to ensure the safety of consumers.
About DEKRA
DEKRA has been active in the field of safety for more than 90 years. Founded in 1925 in Berlin as Deutscher Kraftfahrzeug-Überwachungs-Verein e.V., it is today one of the world’s leading expert organizations. DEKRA SE is a subsidiary of DEKRA e.V. and manages the Group’s operating business. In 2019, DEKRA generated sales totaling 3.4 billion euros. The company currently employs almost 44,000 people in approximately 60 countries on all six continents. With qualified and independent expert services, they work for safety on the road, at work and at home. These services range from vehicle inspection and expert appraisals to claims services, industrial and building inspections, safety consultancy, testing and certification of products and systems, as well as training courses and temporary work. The vision for the company’s 100th birthday in 2025 is that DEKRA will be the global partner for a safe world.