CERT@VDE

Here you'll find the guidelines and mission statement that inform the work of CERT@VDE.

Guidelines and Compliance

Cooperation with CERT@VDE is based on the following guidelines:

  • Confidentiality of customer data is of the highest priority.
  • Any cooperation happens on a voluntary basis and can be terminated at any time.
  • Personal business concepts must not suffer from any activities of CERT@VDE.
  • Reciprocal contributions and information shall optimise all member’s work processes.
  • Our work and cooperation shall provide a model for CERTs from other sectors.
  • The Code of Conduct applies to VDE Verband der Elektrotechnik Elektronik Informationstechnik e. V. and its associated companies. 
    It applies worldwide to all staff of VDE, including management boards, directors and executives. 
    However, the Code of Conduct also applies to all members of VDE’s executive bodies and everyone sitting on VDE’s committees and participating in other meetings and activities, even if there is no service or employment contract with VDE in existence. It also applies to any experts used in standardisation procedures and in technical and scientific work. Therefore it also applies for all partners and technical experts of CERT@VDE. 

Mission Statement

Trust and efficiency are necessary for any communication on security vulnerabilities.

CERT@VDE assists SMEs in Industrial Automation with the handling of vulnerabilities and product security incidents. It provides a trusted platform for cross-organizational collaboration.

CERT@VDE

  • Provides a neutral, trustworthy and secure platform for collaboration between vendors.
  • Assists with the coordinated disclosure of vulnerabilities.
  • Enables exchange and discussion of methods and practice for product security.
  • Processes vulnerability information from multiple sources and provides it to the target constituency, i.e. vendors, integrators and users of Industrial control systems (ICS).
  • Organizes workshops for the industry.
  • Develops processes and best practices with its partners in the industry.

FAQ

This page does not yet exist in English.