Eaton has announced it is collaborating with global safety science organization UL to advance cybersecurity for power management technologies across industries. The collaboration is helping to establish measurable cybersecurity criteria for network-connected power management products and systems. In addition, Eaton’s cybersecurity research and testing facility in Pittsburgh is the first lab approved to participate in UL’s Data Acceptance Program for cybersecurity. The program, which is in development and available on a limited basis, aligns Eaton’s testing methodologies and data generation with the UL Cybersecurity Assurance Program for UL Standards 2900-1 and UL 2900-2-2.
Eaton’s cybersecurity research and testing facility in Pittsburgh now has the capability to test Eaton products with intelligence or embedded logic to key aspects of the UL 2900-1 and 2900-2-2 Standards. Through this environment and Eaton’s rigorous cybersecurity process, Eaton is developing a growing portfolio of products to meet stringent specifications, regulations and consumer expectations for safe, secure power management.
Cybersecurity is one of manufacturing’s most critical risk factors (source: BDO 2016 report) and the number of security incidents in this sector was nearly 40 percent higher than the average across all industries (source: 2017 IBM X0Force Threat Intelligence Index). While manufacturers continue to innovate and build safer and more secure technologies, assessing risk is critical as cyber-attacks become more complex and difficult to guard against.
In another milestone, Eaton’s Power Xpert Dashboard recently became the first power management product certified to the UL 2900-2-2 Standard for cybersecurity in industrial control systems. This user portal to Eaton’s switchgear enables customers to monitor, diagnose and control equipment from a location outside the arc flash boundary.
Through UL’s innovative Cybersecurity Assurance Program, Eaton, UL and other industry organizations are working together to establish foundational requirements for testing of network-connectable industrial control systems to enable protection against vulnerabilities and security risk controls.