Yokogawa lands cyber certification for plant control systems

Yokogawa has received cybersecurity certification for its CENTUM VP and ProSafe-RS integrated control and safety system, along with related software used with the platform.

The certifications cover three parts of Yokogawa's industrial automation portfolio. Its integrated control and safety system, which combines the CENTUM VP production control system with the ProSafe-RS safety instrumentation system, received ISASecure System Security Assurance Level 1 certification from the ISA Security Compliance Institute.

The certification is based on IEC 62443-3-3, an international standard for control system security, and confirms through third-party approval that the two products meet the standard's security requirements.

CENTUM VP and ProSafe-RS are part of Yokogawa's OpreX Control and Safety System range. They are core products for industrial plants that require both production control and safety systems.

Three certifications

Yokogawa's IT Security Tools software also received separate approval, earning CIS Benchmarks certification from the Centre for Internet Security.

IT Security Tools is designed to apply security settings to Windows computers running CENTUM VP, ProSafe-RS and other Yokogawa system products. CIS Benchmarks are used as a reference for secure system configuration, and the certification shows the software conforms to those settings.

In a third approval, Yokogawa's Exaopc OPC interface package was certified as compliant with the OPC Unified Architecture standard. OPC UA is an international standard for data exchange between information systems and control systems in industrial automation.

The Exaopc certification supports secure communication between systems and aligns the software with a standard widely used to manage machine-to-machine and system-level data exchange in industrial environments.

Security focus

The certifications come as manufacturers and plant operators face closer scrutiny over the cyber resilience of operational technology. Industrial control systems have become more prominent targets for cyber attacks as plants more closely connect production assets, safety functions and business systems.

Standards such as IEC 62443 and OPC UA have become more important in procurement decisions, especially in industries such as energy, chemicals, materials and pharmaceuticals, where system integrity and operational continuity are closely linked.

Yokogawa supplies measurement, control and information systems across a broad industrial customer base. It has more than 17,000 employees across 128 companies in 62 countries.

The latest approvals also highlight the growing role of independent certification bodies in industrial software and control systems. Buyers increasingly use third-party assessments to verify whether products meet recognised security baselines rather than relying solely on supplier claims.

Product milestones

In comments issued alongside the announcement, Mitsuhiro Yamamoto, Corporate Officer and Head of the Systems Business Division at Yokogawa, linked the certifications to the longer history of the company's control and safety products.

"In 2025, CENTUM and ProSafe-RS celebrated their 50th and 20th anniversaries, respectively, and our company has evolved both products by adapting the latest technologies to meet customer needs. We will continue to contribute to the realization of safe and secure plant operations by providing secure products and systems," Yamamoto said.

CENTUM VP is Yokogawa's production control system, while ProSafe-RS is its safety instrumentation system. Used together, they form an integrated setup intended to manage plant processes while maintaining safety functions in abnormal operating conditions.

The IT Security Tools software supports those systems by applying hardening settings to the Windows-based machines on which they run. Exaopc, meanwhile, serves as an interface package for communications between Yokogawa systems and other applications using the OPC UA standard.

For industrial operators, the combination of system-level certification, configuration certification and standards-based communications compliance offers a more complete view of how a supplier addresses cyber risk across control, safety and connectivity layers.