News: Announcing UL 2900 Outlines | UL Standards

UL 2900 series of Cybersecurity Outlines are essential element of UL’s newly announced Cybersecurity Assurance Program, UL CAP

UL’s Press Release issued April 5, 2016 announced UL’s new Cybersecurity Assurance Program (UL CAP). UL CAP uses the newly published UL 2900 series of outlines to offer testable cybersecurity criteria for network-connectable products and systems to assess software vulnerabilities and weaknesses, minimize exploitation, address known malware, review security controls and increase security awareness. The outlines form a baseline set of technical requirements to measure, and then elevate, the security posture of products and systems, and by design the requirements will evolve to incorporate additional technical criteria as the security needs in the marketplace mature.

The new requirements published on March 30, 2016 are available to UL’s certification customers via the Standards Certification Customer Library (SCCL) and can be purchased by visiting UL’s Standards Catalog or the UL Standards Sales Site.

UL 2900-1, Software Cybersecurity for Network-Connectable Products, Part 1: General Requirements
UL 2900-2-1, Software Cybersecurity for Network-Connectable Products, Part 2-1: Particular Requirements for Network Connectable Components of Healthcare Systems
UL 2900-2-2, Software Cybersecurity for Network-Connectable Products, Part 2-2: Particular Requirements for Industrial Control Systems

Apply for membership on the Standards Technical Panel

UL is planning on forming a new Standards Technical Panel (STP) for Cybersecurity that will serve as the consensus body for the review and ballot of these outlines as American National Standards (ANS) in the US and National Standards of Canada (NSC) in Canada. Interested parties are invited to contact Valara Davis, Standards Project Manager, or Diane Haithcock, STP Chair.

For more information about the UL 2900 series of Cybersecurity Outlines in relation to UL’s newly launched Cybersecurity Assurance Program, visit UL’s Cybersecurity Awareness Program site and read the April 5, 2016 UL Press Release.