Palindrome Technologies Collaborates with ISASecure to Strengthen Cybersecurity Standards in Industrial Automation

Strengthening Industrial Cybersecurity: Palindrome Technologies and ISASecure Join Forces

In an important development for industrial cybersecurity, Palindrome Technologies Inc. has officially entered into the ISASecure® program, an initiative of the International Society of Automation (ISA). This collaboration marks a significant step in the commitment toward enhancing security measures for industrial automation systems through the well-regarded ISA/IEC 62443 series of standards.

Founded in 2005, Palindrome Technologies has established itself as a premier information security research firm, excelling in embedded systems and advanced testing of communication networks and software platforms. The organization's journey into cybersecurity began with its founders' previous experience in Bellcore's Security Fraud group, where they provided critical expertise to notable telecommunications companies and government agencies including DARPA, the Department of Homeland Security's Cybersecurity Infrastructure Security Agency (DHS-CISA), and others.

Mark DeAngelo, the ISASecure Program Manager, expressed enthusiasm over Palindrome's participation, recognizing the firm’s extensive background in applied cybersecurity research. "Their experience and knowledge will enhance the security posture of worldwide industrial automation and control systems,” he stated, emphasizing the global imperative for robust cybersecurity practices.

As part of the ISASecure program, Palindrome Technologies is in the process of meeting the criteria necessary to obtain ISO/IEC 17065 accreditation. This accreditation will enable them to function as a third-party certification body within the ISASecure framework, focusing specifically on the Security Development Lifecycle Assurance (SDLA) and System Security Assurance (SSA) certification schemes. These certifications are paramount, as they align with the ISA/IEC 62443 standards, endorsing a comprehensive approach towards product security through the entire lifecycle.

Peter Thermos, the CEO of Palindrome Technologies, highlighted the alignment of their technological capabilities with ISASecure's objectives. He pointed out that their specialized skills in evaluating and testing next-generation platforms such as 5G, IoT, and Industry 4.0 mesh with the mission of ISASecure. "We are thrilled to be part of this community and to contribute to securing industrial systems across the globe," said Thermos.

Community engagement and knowledge sharing are pivotal elements of this collaboration. To facilitate further understanding of cybersecurity in industrial systems, Thermos will host a free webinar entitled "Securing Private 5G Networks in Manufacturing Using Penetration Testing: A Case Study" scheduled for May 14, 2025. This session aims to elucidate best practices and innovative approaches to fortifying cybersecurity measures in current manufacturing frameworks.

ISASecure®, established in 2007 under the auspices of the ISA, is a globally acknowledged certification program securing the cybersecurity of industrial automation control systems. The program is committed to validating that products conform to international standards for operational technology (OT) security, which is an essential concern in today’s interconnected industrial landscape.

The insights and practices advocated by ISASecure have garnered support from major industry players including BP, Chevron, and Honeywell, establishing a solid foundation aimed at improving the security framework prevailing in industrial settings worldwide. By the fall of 2025, ISASecure plans to initiate the ACSSA assessment scheme, equipping asset owners with the tools needed to evaluate control systems according to the stringent ISA/IEC 62443 standards.

In conclusion, the partnership between Palindrome Technologies and ISASecure denotes a critical advancement for industrial cybersecurity. Their collaboration not only ensures adherence to rigorous standards but also lays the groundwork for a secure future in the industrial automation landscape. Stakeholders in the industry should remain vigilant and proactive in adopting these emerging protocols and enhancements as they continue to evolve along with technology and threats.