According to a press release from ISA today, BP, Chevron, Honeywell, Siemens and Yokogawa have consented to become Founding Members of the ISA Security Compliance Institute.
"The Founding Strategic Member companies," the release says, "have demonstrated industry leadership by making a two year commitment for funding and significant volunteer time to ensure that the ISA Security Compliance Institute will be operational in 21 months."
It is devoutly hoped that ISA's SP99 committee can pass some sort of security standard for ISCI to use as a compliance metric sometime in those 21 months.
Other companies who were in at the beginning of this effort, who have apparently chosen not to become "Founding Members" include ExxonMobil, Shell, Invensys, Emerson, and ABB, as well as this magazine and Byres Security Inc.
It is perhaps understandable why small companies would bow out, but what's the reason behind the big ones' withdrawl?
Here's the text of the press release:
The ISA SecurityCompliance Institute is poised to move forward after gaining commitments
for Founding Strategic Membership from key organizations in the
automation controls community. The Founding Strategic Member companies
have demonstrated industry leadership by making a two year commitment
for funding and significant volunteer time to ensure that the ISA
Security Compliance Institute will be operational in 21 months.The Institute sought to gain a balance of representation from industry
thought leaders comprised of asset owners, suppliers, and other key
stakeholders. Notable Founding Strategic Members include BP and Chevron
from asset owner organizations and Honeywell, Invensys, Siemens and,
Yokogawa from supplier organizations.The industrial controls security compliance program was inspired by
industry leaders from a number of major control system users and
manufacturers who investigated the feasibility of creating an
organization to establish a set of well-engineered specifications and
processes for the testing and certification of security characteristics
for critical control systems products. Conformant products will carry
the ISASecure designation, enabling suppliers to substantiate claims of
compliance and provide asset owners with an independently validated
identification of compliant products when making procurement decisions.
ISA Security Compliance Institute Members, working with technical staff
retained by the ISA Security Compliance Institute, will develop a set of
compliance requirements based on ISA99 security standards and other
relevant standards, such as IEC or DHS recommendations.
The current Founding Strategic Members have elected to grant a short
extension to enrollment at the Founding Strategic Membership level to
ensure that all interested industry organizations have the opportunity
to participate at that level. Founding Strategic Members are entitled to
a voting seat on the Institute's Governing Board and will provide the
leadership and strategy for the compliance program's future.
The remaining membership levels will be opened after the formation of
the Institute's Governing Board.
Andre Ristaino, Managing Director of ISA's Automation Standards
Compliance Institute, is pleased with the progress of the Security
Compliance Institute. "The individual enthusiasm and the industry
response have been extremely positive. Many people have worked very hard
to bring this opportunity to the industry, and I believe that the
industry was ready for the program. The courage and hard work of the
Founding Strategic Members makes the ISA Security Compliance Institute
possible, and the entire industry will benefit from their dedication,"
said Ristaino.
Next steps for the Institute include an informal planning meeting of the
Founding Strategic Members, held in conjunction with ISA Expo 2007 in
Houston, Texas, 2-4 October, and subsequent issuance of membership
solicitations for all other membership levels.
Please visit www.isa.org/ISASecure for details about the program's
history, membership benefits, current commitments, and future membership
opportunities.
