Group:
Case Studies for the Cyber-Security of Industrial Automation and Control Systems
2nd meeting on 18 June 2014 in Ispra.
Although the analysis of inquiries among the industrial CI operators confirmed how difficult it is to get data about the cyber-security of IACS, it appears clear that there is no requirement for a mandatory testing and certification scheme. Nevertheless, industrial operators need reassurance as to the cybersecurity of the devices they buy (components and system integrators), requiring producers and vendors to offer tested products. The experts discussed a proposal to define a pan-European voluntary Test & Evaluation scheme, in the knowledge that some Member States may already
require some IACS components to be certified. The next meeting will be held on 24 September 2014 in Ispra.