Worldwide, the threat posed by cyber-attacks is on the rise and important infrastructure is increasingly being targeted. Well thought-out protection concepts are playing a more important role. However, effective protection can only be achieved with coordinated organizational measures and technical measures. For many years Bachmann has focused on a high level of OT (Operational Technology) security. This commitment is manifest in certification according to industry standards IEC 62443-4-1 and ISO 27100.

02_Bachmann Zertifikat_EN

Holistic approach

Industry standard IEC 62443-4-1 deals with security of industrial automation and control systems (IACS) throughout the entire life cycle of these systems. In addition to the technologies used, IACS security also includes the people and the work processes that are required to ensure the security, integrity, and reliability of such systems. Moreover, the standard emphasizes holistic solutions for the protection of industrial equipment and consequently it is directed to all stakeholders. Product manufacturers, integrators, and operators alike are called on to develop coordinated protection concepts. This gives rise to a defense concept based on the principle of defense-in-depth at different levels with multiple layers of protection. With such a concept in place, the effects of an attack can be minimized, countermeasures can be initiated early on, and a recurrence can be prevented.


Defined development process

Comprehensive consideration of security aspects in the development of software is an essential element of holistic OT security. Consequently, in eight sections the standard describes what a process for the development of secure software should look like over the entire product life cycle. The so-called "Practices" include specifications for defining the security requirements, for example, through threat analysis, and specifications for secure development of products by means of coding guidelines, for software testing procedures, for handling security vulnerabilities, and for provision of updates.

With IEC 62443-4-1 certification, Bachmann ensures a secure foundation in the fight against cyber criminals for operators and integrators of industrial automation and control systems. However, for sustainable cybersecurity, operators and integrators are also called on to develop suitable protection concepts that build on this foundation.

With ISO 27001 certification, in addition, Bachmann provides protection against cyber-attacks on internal company systems to ensure availability and adequately protect sensitive data against theft.