The Industrial Internet of Things (IIoT), also known as Industry 4.0, is connecting modern manufacturing equipment and machinery across networks and the Internet. While the operational advantages of this digital awakening are clear to see, there are many unseen cybersecurity risks that now need to be addressed.

According to many recent reports and the U.S. government, not only is there a rise in the number of cyber attacks occurring – the sophistication of them has also advanced.  It is imperative that industrial control systems are evaluated for cybersecurity to help ensure reliability, decrease downtime, prevent damage to assets, mitigate risk and improve security.

With our extensive expertise in software, hardware and interoperability, UL can help mitigate these concerns for manufacturers, vendors and their customers through our UL Cybersecurity Assurance Program (UL CAP) that utilizes the new UL 2900-2-2 standard for ICS.

UL CAP offers trusted third party support with the ability to evaluate both the security of network-connectable products and systems as well as the vendor processes for developing and maintaining products and systems with a security focus.  The program allows vendors to concentrate on product innovation with emerging technologies and capabilities to meet the ongoing needs of the marketplace.

For increased flexibility, vendors can select the UL CAP services for factory automation and industrial control systems best suited for their current needs:

  • Testing security criteria based on UL 2900-2-2 cybersecurity standard or specified requirements
  • Testing leading to certification based on UL 2900-2-2 cybersecurity standard
  • Evaluation and risk assessment of vendor processes for developing and maintaining security products and systems
  • Training in security readiness for product design and sourcing third party components

Why Choose UL CAP for ICS

The UL CAP was developed with input from major stakeholders representing the U.S. Federal government, academia and industry to elevate the security measures deployed in the critical infrastructure supply chain. In fact, the UL CAP services and software security efforts are recognized within the U.S. White House Cybersecurity National Action Plan (CNAP) as a way to test and certify network-connectable devices within the IoT supply chain.

Early adoption of the UL CAP provides a competitive advantage by differentiation in the marketplace and can help to mitigate risk due to potential consequences of a cyberattack including:

  • Unplanned downtime and loss of production
  • Costly harm to assets
  • Reputational damage

As a third-party provider we reinforce a customer’s objective commitment to safety excellence, helping build buyer confidence through UL certification on products and systems.

Why UL?

The facts
  • Science and knowledge-based company
  • Offering transparency through measurements and standards
  • Independent and trusted entity
  • Inside-out and outside-in approach from security development to testing
  • Experience in embedded SW security
  • Providing a complete offering, focusing on both product security as well as secure software development processes
The benefits
  • Protecting you business based on science, technology and SW/application security expertise. Basis of measurement founded on facts/science
  • Offering confidence regarding your efforts to manage cybersecurity risks, giving you a competitive advantage
  • Complete risk management offering find, fix, and prevent services
  • Saving time and money by focusing on protecting the most critical parts of the business first

For questions please contact

Find the right service within the UL offering and learn how it meets your particular needs.