ISA/IEC Specifies Cybersecurity For Control Systems

The ISA/IEC 62443 standards, developed by the ISA99 committee as American National Standards and adopted by the International Electrotechnical Commission (IEC), are designed to provide a flexible framework to address and mitigate current and future security vulnerabilities in industrial automation and control systems (IACS). A recently published standard in the series, ISA/IEC 62443-4-2-2018, Security for Industrial Automation and Control Systems: Technical Security Requirements for IACS Components, provides the cybersecurity technical requirements for components that make up an IACS, specifically the embedded devices, network components, host components and software applications. The standard sets forth security capabilities that enable a component to mitigate threats for a given security level without the assistance of compensating countermeasures.

 

The standard follows the February 2018 publication of ISA/IEC 62443-4-1, Product Security Development Life-Cycle Requirements, which specifies process requirements for the secure development of products used in an IACS and defines a secure development life-cycle for developing and maintaining secure products. The life-cycle includes security requirements definition, secure design, secure implementation (including coding guidelines), verification and validation, defect management, patch management and product end-of-life.

Embedded Technologies Expo & Conference

The inaugural event will take place June 25-27 in San Jose, CA!

Embedded Technologies Expo & Conference (ETC), in the largest embedded and IoT market in North America, is the ONLY event focused on what is most important to designers and implementers – education and training. Attendees will experience over 100 hours of unparalleled education and training covering embedded systems, IoT, connectivity, edge computing, AI, machine learning, and more. Co-located with Sensors Expo & Conference, attendees will have the opportunity to see hundreds of leading exhibitors and network with thousands of industry peers and innovators.

 

Previous documents in the ISA/IEC 62443 series cover terminology, concepts, and models, establishment of an IACS security program, patch management, and system security requirements and security levels. For more insights, checkout the ISA/IEC 62443 series. For more information on ISA99 and the ISA/IEC 62443 series of standards, contact Eliana Brazda, ISA Standards, [email protected] or +1-919-990-9200.

Read more on

Suggested Articles

There are many tradeoffs to consider when determining the best power supply solution for a given design.

Industrial users will still get to use older Raspberry Pi versions.

An embedded computer is a combination of hardware and software that is designated to perform a highly specific function.