AiLux, manufacturer of RTU devices conforming to IEC standards, is present at the international meeting “Working Group 15” on information security, which takes place at the Enel offices in Rome. Among the numerous topics, we also deal with the one relating to the status and further process for IEC 62351-3 and the mapping of IEC 62351-7 to IEC 61850. A compliance test compiled as TS for Part 3 and Part 5 and security for 60870-5 and DNP3. When the stability and criticality of strategic infrastructures is at stake, our company is always happy to contribute to improvement to ensure safety.
Information security is the set of means and technologies aimed at protecting IT systems in terms of availability, confidentiality and integrity of IT assets or assets; these three parameters currently tend to add the authenticity of the information.
A synonym often used is cybersecurity, a term that represents a subclass being that area of computer security that depends only on computer technology.
In IT security, technical, organizational, legal and human elements are involved. To assess security, it is usually necessary to identify the threats, vulnerabilities and risks associated with IT assets, in order to protect them from possible attacks (internal or external) that could cause direct or indirect impact damage exceeding a certain tolerability threshold (eg economic, political-social, reputation, etc.) to an organization.
Software products or computer systems can be certified in their security attributes, with added value on the product or system itself in terms of publicity security (quality certification in terms of safety), by recognized competent bodies, according to an IT security standard . Typically, the certification process passes through an evaluation phase of the product / system (called OdV, ie subject to evaluation) by an accredited assessment laboratory, for which the developer / developer of the operation has identified a so-called safety target (TdS) in terms of specifications that your product should provide. The assessment guarantee level is usually defined in the SDS. The task of the evaluator is to verify by means of the evaluation activity the congruence or otherwise of the product / system to the security specifications required by the developer / developer, through appropriate evaluation criteria, then drawing up a report and a final certificate in the public domain.