Miguel Á. Sánchez
Secure Development Lifecycle in Arteche: Our experiences with IEC 62443-4-1
Safety has always been a must in the electrical sector. But a few years ago, it became necessary to start incorporating security in its components and systems at lower and lower levels. But we cannot talk about product cybersecurity without incorporating security activities in its life cycle processes, so we decide to modify our development lifecycle.
In this talk, Arteche will share with the attendees his experiences in incorporating cybersecurity activities in his development lifecycle, why we think is better to align it with the international standard IEC 62443-4-1, the requirements that are costing us the most to implement, and the conclusions, one year after his certification at maturity level 2 with TÜV Rheinland.
More than 13 years working in the whole life cycle of electronic equipment for electrical sector. Established in Madrid headquarters, Degree in Computer Science, Master’s degree in Cybersecurity, certified in Incident Response & Digital Forensics, and a great enthusiast of cybersecurity and Technology. Now is responsible for Arteche’s Cybersecurity Lab, and he is managing the improvement of Arteche’s S-SDLC and IEC 62443-4-1 compliance.