How to Mitigate Cybersecurity Risks in Industrial Control Systems

Cyber attacks in industrial control systems are a major concern for manufacturers, OEMs, machine tool builders, system integrators, and retrofitters. It is imperative that industrial control systems are evaluated for cybersecurity to help ensure reliability, decrease downtime, prevent damage to assets, mitigate risk and improve security.

To assist manufacturers who develop these products and purchasers who acquire these products; UL has developed UL 2900-2-2 Standard, within the UL Cybersecurity Assurance Program, that provides a minimum set of requirements that manufacturers of network-connectable industrial control systems can pursue to establish a baseline of protection against vulnerabilities and software weaknesses, along with a minimum set of security risk controls.


  • Review past and current cybersecurity risks for industrial control systems
  • Identify fundamentals of evaluating industrial control systems with security in mind
  • How to develop a robust methodology for identifying risks in a manufacturers’ software supply chain
  • Understand options available for cybersecurity testing and/or certification

For specific questions or assistance selecting the right solution, please contact a UL Cybersecurity expert at ULCyber@ul.com or visit www.ul.com/cybersecurity.