Technology group, Wärtsilä, has been awarded cybersecurity certifications for the GEMS Power Plant Controller (PPC) by the International Electrotechnical Commission (IEC).

The IEC 62443 certification validates that GEMS has the key components in place to ensure secure operations, and it demonstrates Wärtsilä’s commitment to developing cyber-secure products in support of critical infrastructure and operations.

Wärtsilä is the first manufacturer to have a hybrid power plant certified in the energy industry.

The system-level certification is a global standard for critical devices. The certification validates both process and product by enhancing both the Secure Development Lifecycle (SDL) and PPC by incorporating the IEC standards.

Read more
Toshiba wins Ethiopian small-scale geothermal wellhead order
Enel, EIB close €70m e-mobility funding package

The IEC 62443 series of standards and technical reports define procedures for implementing electronically secure systems from many different industries.

This certification is specifically for Industrial Control and Automation Systems (IACS) and is focused on the cybersecurity protections and inherent security of the certified device and development process.

Wärtsilä attained two IEC levels: 62443 4-1 (SDL) at the Maturity Level 2 and 62442 4-2 (Device) certification for the PPC at the Security Level 1.

Wärtsilä achieved the certification after a rigorous multi-month assessment from exida, the certifying organisation and world leader in automation cybersecurity.

The certification process included detailed analysis of engineering procedures to determine systematic capability and cybersecurity strength, documentation review, product design and device validation testing to show cybersecurity protection. The Energy Storage and Optimisation business line at Wärtsilä employed their mature Agile software development methodology to quickly implement requirements identified by both IEC standards and exida.

“We are pleased to be the first manufacturer in the industry to conform to IEC 62443. As power systems grow ever more complex, solutions are needed to optimise and manage this intricacy in a safe, secure and reliable manner. We are validating to customers the importance that cybersecurity is taking in our products and processes. Wärtsilä continues to lead the industry with this certification,” states Andrew Tang, vice president, energy storage & optimisation, Wärtsilä Energy Business.

GEMS, a proprietary energy management platform, enables customers to remotely monitor individual power generation assets or entire fleets, identifying and diagnosing equipment issues in real-time to mitigate grid issues. The PPC is a key component of the GEMS product offering, used globally for generation asset control, intelligent operations, monitoring, protection and data collection. As a sophisticated software platform optimising entire asset portfolios, the cybersecurity of the GEMS product is extremely important. Access the exida Security Automation list here.

Sign up for our newsletter