Product security evaluation services for industrial IoT

As the security landscape evolves rapidly, regulations are increasingly requiring proof of cybersecurity management in IoT, exemplified by the EU Radio Equipment Directive (RED) in 2025. The IoT sector is impacted by a range of legislation and standards, such as the NIS2 Directive, the EU Cyber Security Act, the EU Cyber Resilience Act, and NIST 8425 (USA). Obtaining certification against recognized industrial IoT standards, like ISA/IEC 62443, not only demonstrates effective cybersecurity management but also empowers developers to minimize risks in their value chain and distinguish their offerings in the marketplace.

Attacks on critical infrastructure are real, and security measures need to be taken into account in industrial networks.

International standards offer a framework and common language for deploying and understanding security. Vendors can use their security evaluation to prove readiness for international standards such as IEC 62443.

Brightsight offers different services related to product security evaluation under certification programmes such as SESIP, PSA Certified, Common Criteria and IEC 62443.
Obtain certification, minimize risk and distinguish your offering in the marketplace

Guiding principles for implementing industrial security

  • Any regulation should refer to international standards and specifications
  • Frameworks or issuing of quality/security labels
  • International standards are the preferred means to demonstrate conformity with security requirements

What is IEC 62443, IACS, IIoT

IEC 62443 is the cybersecurity standard for Industrial Automation and Control Systems (IACS). It is a global standard for industrial applications like Oil & Gas, Energy and Automotive. Asset owners, system integrators and device suppliers can differentiate their solutions via the IEC 62443 standards. These standards enable the entire ecosystem to work in a secure, integrated manner by certifying software, devices, processes and solutions.

Security services

Industrial standards & recognitions

ISA/IEC 62443

FIPS 140-2

FIPS 140-3