UL standard fights against cyberattacks in physical security systems

Date: 2016/04/27
Source: Lisa Hsu (compiled from UL announcement)
UL has launched the UL Cybersecurity Assurance Program (UL CAP) for life safety and physical security systems to provide a testable cybersecurity criteria to evaluate software vulnerabilities, reduce exploitation, address known malware, and review security controls and increase security awareness.

As Internet of Things (IoT) gains traction, so are the capabilities of network-connected products and systems. Because of this, life safety and physical security devices and systems have become more connected. However, although the rise of connected devices may provide better protection and safety, one must be aware of the emerging risks due to the growing IoT trend.

In recent times, the number of cyber-attacks is growing, and so is the sophistication of these attacks. It is essential that life safety and physical security systems are evaluated for cybersecurity to ensure reliability, decrease downtime, prevent damage to assets, mitigate risk, improve security, and maintain health and safety, according to a report from UL.

UL CAP, which uses the new UL 2900-1 standard for life safety and physical security systems, can help mitigate these issues. The program offers trusted third party support with the ability to evaluate both the security of network-connectable products and systems, as well as the vendor processes for developing and maintaining security products and systems. The program allows vendors to focus on product innovation with emerging technologies and capabilities to meet market requirements.

UL CAP for life safety and physical security
According to UL, the UL CAP was established with input from major stakeholders representing the U.S. federal government, academia, and industry to elevate the security measures deployed in the critical infrastructure supply chain. As a matter of fact, the UL CAP services and software security efforts are recognized within the U.S. White House Cybersecurity National Action Plan (CNAP) as a way to test and certify network-connectable devices within the IoT supply chain.

Early adoption of the UL CAP provides a competitive advantage in the marketplace and can help with mitigating risk including:
  • Unplanned downtime and loss of production
  • Costly harm to assets
  • Reputational damage
Related Articles
Cyber-attacks on banks highlight need for advanced security systems
How to minimize cyberthreats in IP-based physical security systems
Cybersecurity: a growing issue for surveillance systems