The Achilles Communications Certification program was developed by Wurldtech and its partners to provide a benchmark for the secure development of the applications, devices and systems found in critical industrial infrastructure. The program is designed to assess the network robustness of industrial devices and certify that they meet a formal and comprehensive set of requirements and conformance. The certification process presents device manufacturers with an independently verified result from which to communicate their product security to customers, while providing the operators of control systems with the most complete, accurate, and trustworthy information possible about the network resilience of their deployed products.
What Gets Certified?
Achilles Certification verifies the network robustness of industrial control devices: whether the device passes or fails certification is dependent on whether its primary functionality is maintained while subjected to the standardized set of network tests. Four types of products can be Achilles Certified™:
| Embedded Devices |
 |
A special purpose device running embedded software designed to directly monitor, control or actuate an industrial process.
|
| Host Based Devices |
 |
A general purpose device running a general purpose operating system capable of hosting one or more applications, data stores or functions.
|
| Control Applications |
 |
Software programs executing on the infrastructure {embedded, host, and network devices} that are used to interface with the process.
|
| Network Components |
 |
A device which moves data from one device to another, or restricts the flow of data, but does not directly interact with a control process.
|
WST’s Achilles™ Satellite testing platform is used to run the certification tests. The tests can be grouped into two general categories: tests that send rogue and invalid protocol packets, and denial-of-service tests that attempt to overwhelm the device’s resources. These tests are run for each of the fundamental protocols of the network stack: Ethernet, IP, ARP, ICMP, TCP, and UDP. By passing these tests, the device demonstrates that it is secure against sophisticated network attacks across the common network protocols.
More Information
Process control system operators want to minimize risk and maximize uptime, and suppliers want to be first to market with certified, reliable systems. Our partnership with Wurldtech allows us to bring the safety and security certification processes together so operators and suppliers have a single source for all of their certification needs.
John Cusimano
Director, Security Services