CORK, Ireland — Johnson Controls has announced its Global Secure Product Development Process has earned the International Society of Automation ISASecure® Secure Development Lifecycle Assurance (SDLA) certification. This certification provides customers with assurance that Johnson Controls building technologies and solutions are developed in accordance with the internationally recognized ISA/IEC 62443-4-1 cybersecurity standard.
The ISASecure® program was established to independently certify the cybersecurity of operational technology and automation control systems, such as those deployed within smart buildings. SDLA certification specifies security process requirements and practices for the secure development, maintenance, and support of these technologies. Johnson Controls received the SDLA conformance certificate from exida LLC, an ISASecure® and ISO 17065 accredited certification body, as a result of assessing product development practices used at engineering centers throughout the world.
“Now more than ever our customers are raising the requirements on security and Johnson Controls is committed to delivering cyber resilient building solutions, like our new OpenBlue digital platform, that are designed for security and privacy, and ISASecure® SDLA certification further reinforces the security partnership we have with our customers,” said Jason Christman, vice president and chief product security officer of Johnson Controls. “We focus on providing a positive cyber experience that is backed by disciplined incident response, vulnerability management, and coordinated disclosure processes.”
Johnson Controls is a founding member of the ISA Global Cybersecurity Alliance and voting board member of the ISA Security Compliance Institute.