Open Source Summit + Embedded Linux Conference Europe 2020

The targets of cyber-attacks are changing from information assets to Industrial Automation and Control System (IACS). In order to deal with evolving cyber-attacks, IACS must be kept secure. IEC-62443 series is the international standards of cyber security for IACS and recently have received great attention from around the globe. The Civil Infrastructure Platform (CIP) project that intends to create Open Source Base Layer (OSBL) also places importance on IEC-62443 series. The CIP security working group launched by the members from Germany, India, Taiwan and Japan leads activities to make the CIP software development process compliant with IEC-62443-4-1, and create the core package set to meet security requirements in IEC-62443-4-2. The primary objective of this group is to dramatically reduce certification cost for end product as well as help suppliers to efficiently utilize our artifacts. Suppliers would need to meet only few IEC-62443-4-x requirements by harnessing certified CIP platform for IEC-62443-4-1 and 4-2. Once we talked about how the group was established at OSS Japan 2019, and I will talk in detail about the achievements of the certification that actually started.