Skip to main content
Welcome to the cutting edge of safety science—Learn more about our rebrand.
  • Training

ISA/IEC 62443 Training for Product and System Manufacturers

Design more secure industrial products and components with cybersecurity training for engineers based on ISA/IEC 62443-4-1 and 4-2.

Engineer using tablet to check the robot system while her teamwork checks the security of the robot.

Empowering you to make educated choices based on the ISA/IEC 62443 family of standards

The use of commercial off-the-shelf (COTS) technologies and the increase in the networking of industrial automation and control systems (IACS) have exposed IACS to similar vulnerabilities as information systems. The product supplier has a key role to play in the supply chain and the security of an IACS solution.

This three-day training course focuses on the ISA/IEC 62443 standard. The ISA/IEC 62443 series of standards was developed to increase the security of IACS throughout their lifecycle. It currently includes several standards, technical reports (TR) and technical specifications (TS). During an interactive training for component and product manufacturers, we will empower you to make educated choices about the implementation of security based on the ISA/IEC 62443 family of standards, considering security issues related to control and automation systems. This certification training has a core focus on Part 4 of ISA/IEC 62443, which provides detailed requirements for IACS products:

  • 4-1 – Secure product development lifecycle requirements.
  • 4-2 – Technical security requirements for IACS components.

The course will also cover an overview of all the sub-standards, how they apply to you for defining your road map for process and product cybersecurity assessment, as well as certification needs and required investment.

Training topics

  • Introduction to ISA/IEC 62443.
  • Understanding the framework of ISA/IEC 62443.
  • Industry 4.0 trends and challenges.
  • Cyber-attacks in IACS – vulnerabilities and consequences.
  • IACS concept, principal roles and architecture.
  • Security levels and maturity levels.
  • Secure lifecycle view.
  • Defense in depth.
  • Zero trust.
  • Security for IIoT devices.
  • Security supply chain.
  • Risk assessment and management from a product perspective.
  • Threat modeling.
  • Vulnerabilities and countermeasures.
  • Challenges during IACS patch management.
  • Recommended requirements for IACS product suppliers.
  • Security design embracing ISA/IEC 62443 architecture.
  • Security management.
  • Specification of security requirements.
  • Secure by design.
  • Secure implementation.
  • Security verification and validation testing.
  • Management of security-related issues.
  • Security guidelines.

Training objectives

Upon successful completion of this training, you will be able to:

  • Help establish security by design for your systems and products.
  • Determine the right level of security for products and systems.
  • Take care of product security due diligence.
  • Demonstrate your security compliance to a wide range of target markets and customers.
  • Differentiate products/systems based on security against competitive products/systems.
  • Gain a competitive advantage and enhance your market position.
  • Make your components’ security transparent and accessible to system integrators and end users.
  • Embed security into development processes.
  • Instill cybersecurity rigor into your processes.
  • Demonstrate validation of security to customers.

Optional UL Certified CCSP Professional Exam

Participants who complete all three days of training are eligible to take an online certification exam. Those who pass the exam are individually certified as a UL Certified cybersecurity professional (UL-CCSP), product manufacturer, ISA/IEC 62443-4-1, -4-2. Training can be completed in person or remotely. If completed remotely, the three days of training can be arranged in time slots convenient to you.

Upon successfully completing the UL-CCSP exam, participants will receive a certificate and badge that they can use to demonstrate their competence in the ISA/IEC 62443 4-1 and 4-2 IACS products. The certification is good for three years, after which point individuals may recertify.

Register for the training today.

Download now

ISA/IEC

ISA/IEC 62443 Cybersecurity Training - Components and Product Manufacturers

233.19 KB