Johnson Controls, a global provider for smart and sustainable buildings, has announced its Global Secure Product Development Process has earned the distinguished International Society of Automation ISASecure Secure Development Lifecycle Assurance (SDLA) certification. This certification provides customers with assurance that Johnson Controls building technologies and solutions are developed in accordance with the internationally recognised ISA/IEC 62443-4-1 cyber security standard.
The ISASecure programme was established to independently certify the cyber security of operational technology and automation control systems, such as those deployed within smart buildings. SDLA certification specifies security process requirements and practices for the secure development, maintenance and support of these technologies.
Johnson Controls received the SDLA conformance certificate from exida LLC, an ISASecure and ISO 17065 accredited certification body, as a result of assessing product development practices used at engineering centers throughout the world.
“Now more than ever our customers are raising the requirements on security and Johnson Controls is committed to delivering cyber resilient building solutions, like our new OpenBlue digital platform, that are designed for security and privacy, and ISASecure SDLA certification further reinforces the security partnership we have with our customers,” said Jason Christman, Vice President and Chief Product Security Officer. “We focus on providing a positive cyber experience that is backed by disciplined incident response, vulnerability management, and coordinated disclosure processes.” Johnson Controls is a founding member of the ISA Global Cybersecurity Alliance and voting board member of the ISA Security Compliance Institute.