See Our Certifications and How They Help Reduce Risk in Your Industry

View Certified Devices

Contact Us Now

IEC 62443 - EDSA Certification

Embedded Device Security Assurance (EDSA) - version 2.0.0


 (Valid until 2/13/2019)

Scope

The first ISASecure certification, Embedded Device Security Assurance (EDSA) focuses on the security of embedded devices and addresses device characteristics and supplier development practices for those devices.  The EDSA certification is designed to certify to international standards IEC 62443-4-1 Product Development Requirements and IEC 62443-4-2 Technical Security Requirements for IACS Components.

An embedded device that meets the requirements of the ISASecure EDSA specification earns theISASecure EDSA certification; a trademarked designation that provides instant recognition of product security characteristics and capabilities, and provides an independent industry stamp of approval similar to a ‘Safety Integrity Level’ Certification (ISO/IEC 61508). The ISASecure EDSAcertification offers three levels of recognition for a device, reflecting increasing levels of device security assurance. The levels include ISASecure Level 1 for Devices, ISASecure Level 2 for Devices, and ISASecure Level 3 for Devices. All levels of security certification granted under this program contain the following technical elements:
 
  • Functional Security Assessment (FSA)
  • Software Development Security Assessment (SDSA)
  • Communication Robustness Testing (CRT)



FSA and SDSA evaluation requirements increase in rigor for levels 2 and 3 while CRT criteria are the same regardless of certification level. The ISASecure Embedded Device Security Assurance Certification brochure (see below), provides a description of the three technical certification elements, certification levels, and the certification program.

ISASecure® EDSA Conformance Scheme Definition Documents

There are five major categories of ISASecure EDSA program documents:
 
  • Technical specifications, shown in solid light blue, that describe the technical criteria applied to determine whether a device will be certified.

    NOTE ISASecure EDSA program development has followed and leveraged the parallel ISA99 standards effort underway for embedded device cyber security requirements. When the ISA-99.04.01 standard is completed, the ISASecure Embedded Device certification technical specifications will be updated to serve as a compliance program for that standard.
  • Accreditation/recognition, shown in gold diagonal stripe, that describe how an organization can become a chartered laboratory or a tool supplier can obtain recognition for a CRT tool
  • Symbol and certificates, shown in blue horizontal stripe, covers the topic of proper usage of the ISASecure symbol and certificate.
  • Structure, shown in an orange brick pattern, used to describe and operate the overall program.
  • External references, shown in solid dark grey, are documents that exist outside of this particular program that are referenced by ISASecure EDSA program documents.
  • The ISASecure EDSA detailed formal specifications are listed in the table below and available for download.

 

Embedded Device Security Assurance (EDSA) Certification Scheme Description

EDSA-100 ISASecure Certification Scheme View / Download PDF
EDSA-102-Errata View / Download PDF
 

Initial Certification and Maintenance of Certification Policies and Criteria

EDSA-300 ISASecure Certification Requirements View / Download PDF
EDSA-301 Maintenance of ISASecure Certification View / Download PDF
 

Certification Requirements Specifications for EDSA (Three Assessment Categories FSA, SDSA, CRT)

EDSA-311 Functional Security Assessment (FSA) View / Download PDF
EDSA-312 Security Development Artifacts for Embedded Devices View / Download PDF
EDSA-310 Requirements for Embedded Device Robustness Testing View / Download PDF
SSA-420 Vulnerability Identification Test (VIT) Policy Specification View / Download PDF

CRT Test Requirements for Protocols in EDSA Certification

 
EDSA-401 Ethernet robustness test specification View / Download PDF
EDSA-402 ARP robustness test specification View / Download PDF
EDSA-403 IPv4 robustness test specification View / Download PDF
EDSA-404 ICMPv4 robustness test specification View / Download PDF
EDSA-405 UDP robustness test specification View / Download PDF
EDSA-406 TCP robustness test specification View / Download PDF

Lab Accreditation Requirements

ISASecure-112 Transition to EDSA 2.0.0 and SSA 2.0.0                                                                                                 View / Download PDF

ISASecure® EDSA Conformance Scheme Fees

 
EDSA Certification Registration Fee - Member (billed when passed) $7,500
EDSA Certification Registration Maintenance Fee - Member (billed when passed) $2,500
EDSA Certification Registration Fee - non-Member (billed when passed) $12,500
EDSA Certification Registration Maintenance Fee - non-Member (billed when passed) $3,000

 

 

Embedded Device Security Assurance (EDSA) - version 2.1.0 - effective 13 February 2018

 

*See ISASecure-115 for version transition details*


Scope


The first ISASecure certification, Embedded Device Security Assurance (EDSA) focuses on the security of embedded devices and addresses device characteristics and supplier development practices for those devices.  The EDSA certification is designed to certify to international standard IEC 62443-4-1 Security for industrial automation and control systems Part 4-1: Secure product development requirements and to the international standard IEC 62443-4-2 Security for industrial automation and control systems Part 4-1: Technical security requirements for IACS components once that standard is approved.

An embedded device that meets the requirements of the ISASecure EDSA specification earns the ISASecure EDSA certification; a trademarked designation that provides instant recognition of product security characteristics and capabilities, and provides an independent industry stamp of approval similar to a ‘Safety Integrity Level’ Certification (ISO/IEC 61508). 

ISASecure EDSA is a certification program for embedded devices, where a product is considered to be an embedded device if it satisfies the definition provided in 3.1.18 of EDSA-100.   (Embedded device: special purpose device running embedded software designed to directly monitor, control or actuate an industrial process). The elements of an EDSA certification are illustrated in Figure 1 below.

In order to obtain ISASecure EDSA certification, a supplier must pass a security development lifecycle process assessment (SDLPA).  Based upon this assessment, an ISASecure SDLA process certification is granted as described in SDLA-100. A supplier may already hold an SDLA process certification when they apply for an EDSA certification, or may apply for EDSA and SDLA certification in parallel. ISASecure certification of embedded devices has three additional elements:

·         Security Development Artifacts for embedded devices (SDA-E);
·         Functional Security Assessment for embedded devices (FSA-E); and
·         Embedded device robustness testing (ERT).

SDLPA and SDA-E both assess development process, hence are grouped under "Security Development Assessment" in Figure 1 below. SDA-E examines the artifacts that are the outputs of the supplier’s security development processes as they apply to the embedded device to be certified. FSA-E examines the security capabilities of the device, while recognizing that in some cases security functionality may be allocated to other components of the device’s overall system environment.

ERT has two major elements - Vulnerability Identification Testing (VIT) and Communication Robustness Testing (CRT).  VIT scans the device for the presence of known vulnerabilities. CRT examines the capability of the device to adequately maintain essential functions while being subjected to normal and erroneous network protocol traffic at normal to extremely high traffic rates (flood conditions).

The program offers three certification levels for a device, offering increasing levels of device security assurance. These certifications are called ISASecure EDSA Level 1, ISASecure EDSA Level 2, and ISASecure EDSA Level 3.

All levels of certification include the certification elements above. The SDLPA and SDA-S assessments are the same for all certification levels with the exception of allowable residual risk for known security issues. FSA-E and VIT increase in rigor for levels greater than 1; pass/fail criteria for VIT reference applicable FSA-E requirements. CRT criteria are the same regardless of certification level. Figure 1 illustrates this concept.


Figure 1 - Evaluation Elements for  ISASecure EDSA Certification
 

Embedded Device Security Assurance (EDSA) Certification Scheme Description

EDSA-100 ISASecure Certification Scheme View / Download PDF    
EDSA-102-Errata View / Download PDF    

Lab Accreditation Requirements

ISASecure-115 Transition to SDLA 2.0.0, EDSA 2.1.0 and SSA 2.1.0                                                                         View / Download PDF

Initial Certification and Maintenance of Certification Policies and Criteria

   
EDSA-300 ISASecure Certification Requirements View / Download PDF    
EDSA-301 Maintenance of ISASecure Certification View / Download PDF    

Certification Requirements Specifications for EDSA (Five Assessment Categories SDLPA, SDA, FSA, CRT, VIT)

   
EDSA-311 Functional Security Assessment (FSA) View / Download PDF    
EDSA-312 Security Development Artifacts for Embedded Devices View / Download PDF    
EDSA-310 Requirements for Embedded Device Robustness Testing View / Download PDF    
SSA-420 Vulnerability Identification Test (VIT) Policy Specification View / Download PDF    
SDLA-312 Security Development Lifecycle Assessment View / Download PDF    
SDLA-100 ISASecure Certification Scheme View / Download PDF    

CRT Test Requirements for Protocols in EDSA Certification

     
EDSA-401 Ethernet robustness test specification View / Download PDF    
EDSA-402 ARP robustness test specification View / Download PDF    
EDSA-403 IPv4 robustness test specification View / Download PDF    
EDSA-404 ICMPv4 robustness test specification View / Download PDF    
EDSA-405 UDP robustness test specification View / Download PDF    
EDSA-406 TCP robustness test specification View / Download PDF    

ISASecure® EDSA Conformance Scheme Fees

 
EDSA Certification Registration Fee - Member (billed when passed) $7,500
EDSA Certification Registration Maintenance Fee - Member (billed when passed) $2,500
EDSA Certification Registration Fee - non-Member (billed when passed) $12,500
EDSA Certification Registration Maintenance Fee - non-Member (billed when passed) $3,000