
IEC 62443 - EDSA Certification

ISASecure EDSA Certification Specifications - version 2010.1 ARCHIVED


The specifications on this page have been superseded by version 2.0.0 as of 01 July 2016.  These are posted for historical purposes only.

Embedded Device Security Assurance (EDSA) Certification Scheme Description

EDSA-100 ISASecure Certification Scheme View / Download PDF
EDSA-102-Errata (v1_4) View / Download PDF
 

Lab Accreditation Requirements and Tool Recognition Requirements

EDSA-200 Chartered Lab Operations and Accreditation View / Download PDF
EDSA-201 Recognition Process for Communication Robustness Testing Tools View / Download PDF
EDSA-202 Chartered Lab Application and Contract View / Download PDF
EDSA-204 Use of Symbol and Certificates View / Download PDF
EDSA-206 CRT Lab Operations and Accreditation View / Download PDF
ASCI Chartered Test Lab 2009 Approval Process View / Download PDF
ISASecure-111 Transition to ISO/IEC 17065 View / Download PDF
ISASecure-112 Transition to EDSA 2.0.0 and SSA 2.0.0 View / Download PDF
ISASecure-113 Transition to EDSA 2.0.0 and SSA 2.0.0 View / Download PDF
 

Initial Certification and Maintenance of Certification Policies and Criteria

EDSA-300 ISASecure Certification Requirements View / Download PDF
EDSA-301 Maintenance of ISASecure Certification View / Download PDF
 

Certification Requirements Specifications for EDSA (Three Assessment Categories FSA, SDSA, CRT)

EDSA-311 Functional Security Assessment (FSA) View / Download PDF
EDSA-312 Software Development Security Assessment (SDSA) View / Download PDF
EDSA-310 Common Requirements for Communication Robustness Testing (CRT) View / Download PDF

CRT Test Requirements for Protocols in EDSA Certification

 
EDSA-401 Ethernet robustness test specification View / Download PDF
EDSA-402 ARP robustness test specification View / Download PDF
EDSA-403 IPv4 robustness test specification View / Download PDF
EDSA-404 ICMPv4 robustness test specification View / Download PDF
EDSA-405 UDP robustness test specification View / Download PDF
EDSA-406 TCP robustness test specification View / Download PDF

 

 

Embedded Device Security Assurance (EDSA) - version 2.0.0 effective 01 July 2016

Scope

The first ISASecure certification, Embedded Device Security Assurance (EDSA), focuses on the security of embedded devices and addresses device characteristics and supplier development practices for those devices. The EDSA certification is designed to certify to international standards IEC 62443-4-1 Product Development Requirements and IEC 62443-4-2 Technical Security Requirements for IACS Components.

An embedded device that meets the requirements of the ISASecure EDSA specification earns the ISASecure EDSA certification, a trademarked designation that provides instant recognition of product security characteristics and capabilities, and provides an independent industry stamp of approval similar to a ‘Safety Integrity Level’ Certification (ISO/IEC 61508). The ISASecure EDSA certification offers three levels of recognition for a device, reflecting increasing levels of device security assurance. The levels are ISASecure Level 1 for Devices, ISASecure Level 2 for Devices, and ISASecure Level 3 for Devices. All levels of security certification granted under this program contain the following technical elements:
 
  • Functional Security Assessment (FSA)
  • Software Development Security Assessment (SDSA)
  • Communication Robustness Testing (CRT)



FSA and SDSA evaluation requirements increase in rigor for levels 2 and 3, while CRT criteria are the same regardless of certification level. The ISASecure Embedded Device Security Assurance Certification brochure (see below) provides a description of the three technical certification elements, certification levels, and the certification program.

ISASecure® EDSA Conformance Scheme Definition Documents

There are five major categories of ISASecure EDSA program documents:
 
  • Technical specifications, shown in solid light blue, which describe the technical criteria applied to determine whether a device will be certified.

    NOTE: ISASecure EDSA program development has followed and leveraged the parallel ISA99 standards effort underway for embedded device cyber security requirements. When the ISA-99.04.01 standard is completed, the ISASecure Embedded Device certification technical specifications will be updated to serve as a compliance program for that standard.
  • Accreditation/recognition documents, shown in gold diagonal stripe, which describe how an organization can become a chartered laboratory or how a tool supplier can obtain recognition for a CRT tool.
  • Symbol and certificates documents, shown in blue horizontal stripe, which cover proper usage of the ISASecure symbol and certificate.
  • Structure documents, shown in an orange brick pattern, which are used to describe and operate the overall program.
  • External references, shown in solid dark grey, which are documents that exist outside of this particular program and are referenced by ISASecure EDSA program documents.

The ISASecure EDSA detailed formal specifications are listed in the table below and available for download.

 

Embedded Device Security Assurance (EDSA) Certification Scheme Description

EDSA-100 ISASecure Certification Scheme View / Download PDF
EDSA-102-Errata View / Download PDF
 

Initial Certification and Maintenance of Certification Policies and Criteria

EDSA-300 ISASecure Certification Requirements View / Download PDF
EDSA-301 Maintenance of ISASecure Certification View / Download PDF
 

Certification Requirements Specifications for EDSA (Three Assessment Categories FSA, SDSA, CRT)

EDSA-311 Functional Security Assessment (FSA) View / Download PDF
EDSA-312 Security Development Artifacts for Embedded Devices View / Download PDF
EDSA-310 Requirements for Embedded Device Robustness Testing View / Download PDF
SSA-420 Vulnerability Identification Test (VIT) Policy Specification View / Download PDF

CRT Test Requirements for Protocols in EDSA Certification

 
EDSA-401 Ethernet robustness test specification View / Download PDF
EDSA-402 ARP robustness test specification View / Download PDF
EDSA-403 IPv4 robustness test specification View / Download PDF
EDSA-404 ICMPv4 robustness test specification View / Download PDF
EDSA-405 UDP robustness test specification View / Download PDF
EDSA-406 TCP robustness test specification View / Download PDF

Lab Accreditation Requirements

ISASecure-112 Transition to EDSA 2.0.0 and SSA 2.0.0 View / Download PDF

ISASecure® EDSA Conformance Scheme Fees

 
EDSA Certification Registration Fee - Member (billed when passed) $7,500
EDSA Certification Registration Maintenance Fee - Member (billed when passed) $2,500
EDSA Certification Registration Fee - non-Member (billed when passed) $12,500
EDSA Certification Registration Maintenance Fee - non-Member (billed when passed) $3,000