Exor International has been certified to IEC 62443-4-1:2018 for its Secure Development Lifecycle (SDL), achieving Maturity Level 2 (ML2). The assessment was performed by TÜV Italia, which issued certificate TUV IT 25 CYB A 005 to Exor International S.p.A., San Giovanni Lupatoto (VR), Italy.
In practical terms, this confirms a managed, repeatable process that applies consistent security practices to every product we develop.
IEC 62443-4-1 certifies that an organization follows secure development lifecycle practices for industrial automation and control systems—embedding cybersecurity from design through decommissioning rather than adding it later. In our case, the scope covers Exor’s SDL as defined in CPRO 6.0 (rev. 1.1) and confirms ML2 across all practice areas (security management, requirements & threat modeling, secure design/implementation, verification & validation, defect and update management, and security guidance).
The certification provides independent confirmation that Exor applies repeatable, measured security practices across the product lifecycle—how requirements are defined, implemented, tested, and maintained over time (including patch delivery and vulnerability handling). This supports security by design and consistent risk reduction in industrial automation projects.
Two concrete benefits:
This certification is the foundation of our security strategy, a step forward in a long-term journey. Our commitment is to embed security into architecture and process, so resilience is sustained from requirements to updates, release after release. We are continuing on this path as we work towards too IEC 62443-4-2 certification for our newer generation of hardware.
Disclaimer - Certification details
For the full scope, annexes, and validity conditions, see the certificate here.