TÜViT & TÜV NORD CERT test and certify TK Elevator’s product development process in accordance with IEC 62443-4-1

September 8, 2022

TÜV Informationstechnik (TÜViT) has audited TK Elevator’s product development process in accordance with the IEC 62443-4-1 part of the standard. With the certification of this part of the standard, the manufacturer proves that the topic of security is taken into account as part of a process from the product definition to the “End of Life Declaration”. With certification by TÜV NORD CERT, the manufacturer of lift systems can now demonstrate a secure product development process in accordance with IEC 62443-4-1.

Networked industrial plants bring with them many advantages, but they also harbour dangers. If cyber criminals manage to gain access, they can sometimes put entire industrial plants out of operation. With the aim of increasing IT security in the environment of the process and automation industry, the IEC 62443 standard was therefore developed, which has established itself as an international standard for cybersecurity in industrial automation. Part 4-1 of the standard contains requirements for the life cycle of secure product development.

TK Elevator also knows that IT security can only be achieved if it is taken into account throughout the entire product life cycle and has therefore had the security of its product development process (PDLC) tested by TÜViT. In a first step, TÜViT carried out a GAP analysis with the aim of evaluating the completeness of the existing PDLC. The focus was on requirements that are placed on the secure development of products, such as the development, maintenance and decommissioning of hardware, software or firmware, secure implementation and patch management. This is to ensure that potential vulnerabilities of systems or individual components can be detected and closed within the life cycle. Among other things, the security documentation and the security strategy, which defines information such as scope, roles and responsibilities with regard to the product life cycle, were evaluated. With the fulfilment of the requirements checked within the scope of a certification audit by TÜViT and the final successful certification.

“With the successful certification according to IEC 62443-4-1, TK Elevator can now objectively prove that industrial security has been thought through from the very beginning and that the company’s products meet the highest cybersecurity standards,” says Axel Lange, Head of Marketing & Sales at TÜViT.

Related Articles

“E-wallet”: US banks arm themselves against PayPal

“E-wallet”: US banks arm themselves against PayPal

Joint digital payment system also to compete with providers such as Apple Pay: The largest banks in the USA want to jointly establish an electronic wallet to take on competitors such as Apple Pay (https://www.apple.com/at/apple-pay/) and PayPal...

New law for critical infrastructures

New law for critical infrastructures

KÖTTER Security calls for greater consideration of private security service providers Acts of sabotage against railway lines and cyber-attacks on public institutions have recently brought security for critical infrastructures (CRITIS) back into the public focus....

Walking stick 2.0 for the visually impaired finds muesli

Walking stick 2.0 for the visually impaired finds muesli

An intelligent walking stick developed by researchers at the University of Colorado Boulder (https://www.colorado.edu) is designed to make life easier for blind and visually impaired people. It is equipped with a camera and software that can evaluate images. In...