GE Logo
Articles & Announcements
GE’s Grid Solutions achieves secure development lifecycle process certification
GE’s Grid Solutions achieves secure development lifecycle
process certification

Worldwide, customers face the challenge to secure their industrial automation, protection and control systems. They also face the pressure of regulations, such as NERC CIP in North America, the NIS Directive in EU and IAS in EAU. 
In ongoing efforts to support our customers and their challenges, Grid Solutions is pleased to announce that it has achieved IEC 62443-4-1 certification. This certification ensures that a secure development lifecycle process is well defined, implemented and enforced across all the product’s lifespan - from the design to the end-of-life cycle. The IEC62443-4-1 international and widely recognized standard “specifies process requirement for the secure development of products used in industrial automation and control systems”.
By choosing a product designed following an IEC 62443-4-1 certified process, customers can build a system with solid security foundations. A product that is secure is a product that was designed with security in mind, rather than a product which only implement a list of security features.
While no product is 100% secure, by certifying its Secure Development Lifecycle process, Grid Solutions shows that it is committed to provide its customers with products designed and maintained with cyber security in mind.  

About IEC 62443-4-1
IEC 62443-4-1:2018 specifies the process requirements for the secure development of products used in industrial automation and control systems. This specification is part of a series of standards that addresses the issue of security for industrial automation and control systems (IACS). IEC 62443-4-1 defines secure development life cycle (SDL) requirements related to cyber security for products intended for use in the industrial automation and control systems environment and provides guidance on how to meet the requirements described for each element. The life-cycle description includes security requirements definition, secure design, secure implementation (including coding guidelines), verification and validation, defect management, patch management and product end-of-life. These requirements can be applied to new or existing processes for developing, maintaining and retiring hardware, software or firmware.