Press release
KONČAR Digital is the first company to successfully complete the testing and certification process in accordance with the international IEC 62351-3 standard via TÜV NORD. In the pilot project, TÜV Informationstechnik (TÜVIT) tested the Croatian industrial company's PROZA Station software solution for IT security. This was followed by certification by TÜV NORD CERT.
It is probably the worst-case scenario for every company: a hacker attack that paralyses business operations within a very short space of time until further notice. In the energy supply sector, data and communication protocols play a key role in this context. If these are not adequately secured, they can open the door to cyber criminals. To minimise this risk, experts have developed specific norms and standards that focus on secure communication. One of these is IEC 62351.
The industrial company KONČAR Digital recently had its PROZA station tested and certified by TÜV NORD in accordance with this international standard. The software solution is based on the modern SCADA platform PROZA HAT and combines this with specific functions for substation automation. The KONČAR solution thus offers the functionality of a real-time SCADA system that is used to monitor and control primary and secondary devices in a substation. As the solution consists of various components that communicate with each other and with other devices, it was important to KONČAR to put the security of this communication to the test.
The Croatian industrial company can now prove that the PROZA Station software solution has secure process data communication in accordance with the requirements of IEC 62351 with a corresponding certificate. This makes KONČAR the first company to complete the TÜV NORD certification programme for the IEC 62351 standard. What makes it special: The testing and certification was carried out as an integral part of the IEC 62443 certification programme.
The specific part of the standard IEC 62351-3, which relates to confidentiality, integrity protection and authentication at message level for SCADA and telecontrol protocols, served as the basis. With a view to the requirements contained therein, the IT security experts from TÜVIT tested the security between the communicating units at both ends of a TCP/IP connection within the communicating end units of the PROZA station. With success, as the IEC 62351-3 certificate issued by TÜV NORD CERT now proves in black and white.
TÜV Informationstechnik GmbH (headquartered in Essen, Germany) is a renowned IT security service provider and an independent testing institute and laboratory for IT security and cyber security in digitalisation. TÜVIT has been accredited worldwide since 1995 and creates trust in security measures at the level of business processes, data, applications and technologies through vulnerability analyses, audits and evaluations. TÜVIT is a powerful partner in detecting and responding to cyber attacks and ensures rapid restoration of business capability. In this way, businesses, public authorities and operators of critical infrastructures strengthen their regulatory compliance in the areas of confidentiality, integrity and availability as well as their holistic cyber resilience and IT security in the supply chain.
Together with ALTER TECHNOLOGY, TÜVIT forms the Digital & Semiconductor business unit. The business unit is a key pillar of the TÜV NORD GROUP, a knowledge company that has stood for security and trust worldwide for over 150 years. Engineers and IT security experts in more than 100 countries ensure that companies become even more successful in the networked world.