New technology sets ever-increasing demands for industrial automation systems
Valmet has been developing the cyber security capabilities of Valmet DNA automation systems systematically for decades. Since modern automation systems use software and modern technologies extensively, Valmet wanted to make sure that also their product development process is secure and meets the most important industry standards.
New certified secure product development methodoloy
Cyber security experts from Valmet and Intopalo Digital, which is an Insta company that focuses on intelligent industry solutions, developed together a new product development methodology. Insta’s cyber security experts are also applying these procedures to Valmet products.
Product development methods include learning packages, process descriptions, various ready-made templates and new tools. The modern process is based on DevOps thinking, a broad set of assisting tools and online learning. For example instead of traditional documents, the solution uses a web based application, where the R&D engineers can create the required cybersecurity documentation from the right templates with a click of a button. Thanks to the web based tool, R&D management can see metrics of how well the secure development method has been adopted and whether it is running as intended.
Product development methods were developed and certified based on the IEC 62443-4-1 standard, which is a fundamental cyber security standard in automation and industrial solutions. This standard was chosen to ensure that Valmet can prove the high level of security in their development method in an internationally credible manner.
World's leading automation certification company Exida and the international automation cyber security certification organization ISA Security Compliance Institute (ISCI) have granted Valmet an ISASecure® certificate, which covers ANSI/ISA-62443-4-1-2018 and IEC 62443-4-1:2018 standards.
The certificate proves that Valmet’s product development methods fulfill all 47 demands of the standard in 8 different areas of product development, multi-level security testing, software releasing and cyber security maintenance.
"The ISASecure® certified product development process that we developed together with Insta has been a huge success. The work was finished well ahead of schedule. With this solution, the awareness and know-how of cyber security have risen to a higher level throughout the organization. It is my pleasure to recommend Insta’s secure software engineering services to other organizations."
Juuso Kanner, Director, Automation Platform R&D
Please find Valmet’s certificate by clicking: