Home
Videos & Tutorials
Cybersecurity Beyond the Norm
Security Certification
WinCC OA meets all required security standards for IEC 62443 certification. Regular external audits every three years reinforce this commitment. Discover how you will benefit from this proactive approach to security!

Videos & Tutorials
- Things to know about WinCC OA
- Cybersecurity Beyond the Norm
  - Introduction
    Welcome to our SIMATIC WinCC OA Security series. In this series, we focus on the importance of security in SCADA systems, especially in light of the EU Cyber Resilience Act.
  - WinCC OA Security Guideline
    The Security Guideline ensures WinCC OA clients stay safe. Think of it as your personal GPS for using WinCC OA securely in a productive environment. Watch this episode to learn more!
  - Security Certification
    WinCC OA meets all required security standards for IEC 62443 certification. Regular external audits every three years reinforce this commitment. Discover how you will benefit from this proactive approach to security!
  - Security by Default
    WinCC OA comes with its built-in expert knowledge and Secure by Default configuration. This is a development principle ensuring that security measures are enabled right from the installation. This episode will provide guidance on working with this ready-to-use security template.
  - Certificates
    Certificates serve as proof of identity and protect data communication in your WinCC OA project. Learn more about the ways to obtain certificates in the WinCC OA universe and why customization of default certificates is advisable.
  - Password Policy
    WinCC OA offers two password policies. Learn about the differences between the WinCC OA Policy and the Active Directory Policy and some more benefits like MFA and SSO.
  - Safety
    Safety is an essential aspect of industrial automation systems. Key points include IEC 61508 certification, emphasizing risk assessment and Safety Integrity Levels (SILs). Understand the concept of a safety related system and safety-certified components like WinCC OA and the benefits of our WinCC OA Safety Manual.
  - Server Side Authentication
    Authentication ensures that only authorized individuals, services, and applications can access company resources. In WinCC OA, we have adopted Server Side Authentication (SSA) as the default authentication method since version 3.17. Discover the top three advantages of SSA by tuning in to this episode.
  - Defense in Depth
    A single protection measure is not sufficient to defend against today’s dynamic and evolving threats. That’s why we have adopted a Defense in Depth strategy which leverages multiple security layers to safeguard your WinCC OA projects. Think of it as a series of concentric circles, each reinforcing the other. This video will give you a concise overview of this approach.
  - Security Workshop
    Certified engineers seeking to master WinCC OA security methods can deepen their technical expertise on security topics by participating in our WinCC OA Security Workshop. Explore this video to uncover the details.

Security Certification

WinCC OA meets all required security standards for IEC 62443 certification. Regular external audits every three years reinforce this commitment. Discover how you will benefit from this proactive approach to security!

Video Information

Length: 2:21
Language: English

Transcript

Hello, this is Mounir and I welcome you to our Security Series. In this video, we will have a closer look at the topic of Security Certification.

Certifications play a crucial role in establishing trust and credibility in the field of cybersecurity.

In essence, having a security certification for a SCADA system means that the software has undergone rigorous testing and evaluation to ensure it meets the highest security standards. This can provide peace of mind for organizations that rely on SCADA systems for their critical operations.

Certifications conducted by reputed external auditors add credibility to the security certificate and prove that the security standards are met. Stakeholders, including customers, partners, and regulators, often trust certifications issued by well-known external auditors.

The International Electrotechnical Commission (IEC) sets the IEC 62443 security standards that are particularly relevant for SCADA systems. We are proud that WinCC OA is certified for both standards, 4-1 for Development and 4-2 for Product. WinCC OA ensures the highest security standard by constantly having external audits, In this case, every 3 years.

And the good news is: Both certificates are already implemented in your WinCC OA project and nothing needs to be done on your side. This is to prove that WinCC OA meets the above protocols and fulfills the required security standard. However, you must take care of your operational environment, which is explained in the WinCC OA Security Guideline.

Thank you for watching and follow us on LinkedIn and YouTube. Stay secure and tune in to the next episode!