irudkin
commented
7 years ago Should we mention programs/initiatives/policies in the guidelines? We do already for MISRA however is for programming.
Open irudkin opened 7 years ago
irudkin
commented
7 years ago Should we mention programs/initiatives/policies in the guidelines? We do already for MISRA however is for programming.
UL’s 2900-1 tests measure application security, information access control via authentication processes, engineer mode hacking protection and software falsification protection. Additional information on UL 2900-1 standards can be found at https://goo.gl/iJrf90.
UL Cybersecurity Assurance Program (CAP) Securing Software in Physical Devices
The UL Cybersecurity Assurance Program (UL CAP) is an independent third-party testing and certification program through UL specific to network-connectable products and software components. It includes industrial control systems (ICS), medical devices, in-vehicle software systems and other IoT devices. Cybersecurity National Action Plan (CNAP)
Department of Homeland Security enlisted UL and other industry partners to develop a Cybersecurity Assurance Program to test and certify networked devices within the Internet of Things. New UL2900 Certification
This new certification program verifies product compliance with UL2900, a series of standards developed by UL with input from industry stakeholders, including Synopsys. UL2900 validates that a product offers a reasonable level of protection against cybersecurity risks that may result in unintended or unauthorized access, change or disruption.
It may be it is relevant to mention this and investigate further.