With the emerging concerns about industrial cybersecurity and the ever-growing importance of software development for innovative fields (IoT, smart factory …), Bureau Veritas and its partner CEA-List have developed state of the art guidelines on best practices applied to secure software development for industrial users. This approach was initiated by our customers’ feedbacks about the difficulty to select and evaluate the relevance of existing guidelines. Those guidelines are mainly intended for software architects and development teams, but can also be used as guidelines for suppliers.