SIR Certification – Frequently Asked Questions
What is SIR Certification?
SIR Certification is an independent assurance framework for assessing the security and resilience of industrial radio communications used within operational technology (OT) environments. It focuses specifically on radio systems that support monitoring, control, and safety-related operations.
Is SIR Certification a regulatory or legal requirement?
No. SIR Certification is not a regulatory or legal requirement. It does not replace existing laws, regulations, or statutory obligations. It is a voluntary assurance framework intended to complement established OT cybersecurity, safety, and governance approaches.
Does SIR Certification replace existing cybersecurity standards or frameworks?
No. SIR Certification is designed to sit alongside existing OT cybersecurity frameworks and guidance. It addresses a specific area that is often out of scope: the security and resilience of industrial radio communications.
What types of systems does SIR Certification apply to?
SIR Certification applies to radio communications systems used within OT environments, including licensed and licence-free industrial radio, telemetry links, and control communications. It is particularly relevant where radio links form part of an operational or safety-related control loop.
Is SIR Certification vendor-neutral?
Yes. SIR Certification is vendor-neutral. It does not mandate the use of specific manufacturers, products, or technologies. Assessments focus on system behaviour, architecture, and capability rather than vendor branding.
Does SIR Certification guarantee security or prevent all cyber incidents?
No. SIR Certification does not guarantee security or prevent all incidents. It provides assurance by assessing whether appropriate controls and capabilities are present, based on the operational context and risk profile of the system.
What does SIR Certification assess?
SIR Certification assesses factors such as communications integrity, authenticity, resilience, system boundaries, and governance assumptions. It does not require disclosure of cryptographic keys or sensitive operational details unless explicitly agreed.
How is SIR Certification different from spectrum regulation?
Spectrum regulators manage frequency allocation and interference. SIR Certification focuses on the security and resilience of the data carried over radio links, including protections such as authentication, integrity, and resistance to replay or manipulation.
Who is SIR Certification intended for?
SIR Certification is intended to support asset owners, operators, engineers, integrators, insurers, and others responsible for managing risk in OT environments where radio communications are used.
How often should SIR Certification be reviewed?
SIR Certification should be reviewed when there are significant changes to the radio system, its operational use, or the surrounding risk environment. Periodic reassessment is also recommended to account for system ageing or configuration changes.
Does SIR Certification mandate system replacement or upgrades?
No. SIR Certification does not mandate replacement or upgrade of existing systems. It supports informed, proportionate decision-making by helping organisations understand system capabilities and limitations.
Where can I learn more about how SIR Certification works?
A detailed explanation of the SIR framework and its tiered assurance model is available in the “How SIR Certification Works” article on this site.
SIR Certification is an independent assurance framework for assessing the security and resilience of industrial radio communications used within operational technology environments. It provides a structured, vendor-neutral approach to understanding communications risk where radio systems support monitoring, control, or safety-related functions.
