Siemens: How to determine a PLC’s security certification

In 2018, the ISA (International Society of Automation) and IEC (International Electrotechnical Commission) introduced a framework of security standards, known as the ISA/IEC 62443 series of standards, to combat existing and prevent future security issues that might arise in industrial automation and control systems (also known as IACSs). One standard in the framework, ISA-62443-4-2 or Security for Industrial Automation and Control Systems: Technical Security Requirements for IACS Components, covers the cybersecurity requirements that each individual component within an IACS must fulfill. This standard ensures that each component (embedded devices, network and host components, and software applications) is able to “mitigate threats for a given security level without the assistance of compensating countermeasures” [1].

Although many Siemens components fulfill the IEC 62443 standard, Siemens follows a separate certification process known as Achilles, which integrates testing for IEC 62443. The Achilles certification process encompasses multiple levels. Many industrial components are Achilles Level I certified, which ensures that the device’s network capabilities remain operationally functional under harsh conditions [2]. A limited number of components are Achilles Level II certified, which requires fulfillment of the Level I requirements plus additional higher-level DNS tests and tougher requirements.

To determine which Siemens PLC platforms are Achilles Level II certified, navigate to the Siemens Industry Online Support (SIOS) website and search for the PLC part number in question.  Once the search results appear, filter down by “Certificate”.  

For example, searching for a SIMATIC S7-400 CPU412-5H PN/DP (part number 6ES7412-5HK06-0AB0) and filtering by “Certificate” returns the Achilles Level II certification for that CPU.

In addition, Siemens provides a series of guidelines to ensure that its PLCs and communication processors (CPs) are implemented within control systems that meet cybersecurity standards. See Siemens’ Defense in Depth Strategy for industrial security to read more.

Additional Contributions

  • Julyann Tu – AWC, Inc.

Sources

Based in Houston, TX, Matt Paulissen is AWC’s Texas Gulf Coast Engineering Manager. With 11 years at AWC, he holds certifications in Siemens Automation, Networking, Wireless, and SCADA, as well as Moxa Networking, Wireless, IO, IIOT, and Industrial Computing. As an experienced Application Engineer, he is frequently an expert guest speaker on these topics on industry podcasts.

Matt Paulissen

Application Engineering Manager
