Secomea - Security?

Ian -

Here are copies of pages from the Secomea Website which can also be found by selecting the headings.

Security certification

The world’s first and only security certified remote access solution

By November 2014 the remote access solution from Secomea was officially security certified, as the first and only remote access solution worldwide. This was done in order to further strengthen our position as a market leader within remote access solutions for the automation and machine industry and to emphasize our key statement: “Security is our number one priority”.

Secomea’s remote access solution is deployed and used by major machine builders and system integrators all over the world. The solution consists of a control unit at the factory (SiteManager) in form of either hardware or software and a Web or Windows based client (LinkManager) operated by technicians or end-users. These two components are tied together via a central M2M communication server (GateManager).

 

Security audit by ProtectEM GmBH

IT security standards and frameworks applicable for this type of solution have either de-facto status or are work-in-progress, so we chose to focus on relevant elements of the leading international standards.

Secomea approached the esteemed German security organization ProtectEM GmBH that works in close cooperation with the Deggendorf Institute of Technology.

ProtectEM used a framework based on:

  • Auditing processes according to NIST SP800-115 & ISECOM OSSTMM
  • Concept auditing based on BSI (German federal office for information security), ISA 99, and IEC 62443
  • Component auditing where components were individually analyzed and stressed
  • System auditing where end-to-end security was thoroughly assessed
 

Security audit successfully passed

Based on findings and feedback during the auditing process Secomea developed a number of security optimizations, which were consolidated into the different solution components and verified. On November 11th, ProtectEM could provide a comprehensive and final security audit report, and their official security certificate with the statement: “Successfully Passed”.

 

Setting new security standards for the industry

With the Secomea Remote Access Solution version 5.8 launched November 19th, Secomea presents a remote access solution that sets new security standards for the industry.

 

Secomea Security Certificate

Industry 4.0 certification 

Secomea solution is Industry 4.0 certified

In November 2015 the remote access solution and components from Secomea were officially Industry 4.0 certified. This ensures compliance and enabling of the Reference Architecture Model Industrie 4.0 (RAMI4.0) with reference to IEC/PAS 62443-3 for the components GateManager, SiteManager, LinkManager, LinkManager Mobile. The certification supplements Secomeas general security certification obtained in 2014.

 industry4

Industrie 4.0 compliance & enablement audit by ProtectEM GmBH

The Industrie 4.0 compliance & enablement audit was conducted by the esteemed German security organization ProtectEM GmbH led by Professor Dr. Peter Fröhlich who is active member of the security working committee for Industry 4.0. ProtectEM generally specializes in consultancy, concept development and security auditing within industrial and process automation and a range of other industries relying on critical processes.

 

Provide guidelines for processes and procedures

”The purpose of the audit was to clearly validate if our products were in scope with the current state of the RAMI4.0 architecture and suitable as I40 enablers; and I am proud to see the report confirming that”, says Secomea Product Manager, Peter Koldig Hansen, and continues: ”Another goal was to actively participate in demystifying I40 in relation to secure remote access, and based on the report to provide guidelines for processes and procedures for solution deployment in a way that is fully aligned with I40 criteria”.

Have more questions? Submit a request

Comments

Powered by Zendesk