- This topic is empty.
August 28, 2020 at 12:56 pm #44670Telegram SmartBoTModerator
- Topic 4046
- Replies 0
- posts 4046
#News(IoTStack) [ via IoTGroup ]
The ISA/IEC 62443 series of standards, developed by the ISA99 committee and adopted by the International Electrotechnical Commission (IEC), provides a flexible framework to address and mitigate current and future security vulnerabilities in industrial automation and control systems (IACSs). The committee draws on the input and knowledge of IACS security experts from across the globe to develop consensus standards that are applicable to all industry sectors and critical infrastructure.
A new standard in the series, ISA-62443-4-2, Security for Industrial Automation and Control Systems: Technical Security Requirements for IACS Components, provides the cybersecurity technical requirements for components that make up an IACS, specifically the embedded devices, network components, host components, and software applications. The standard, which is based on the IACS system security requirements of ISA/IEC 62443‑3-3, System Security Requirements and Security Levels, specifies security capabilities that enable a component to mitigate threats for a given security level without the assistance of compensating countermeasures.
“The standard definition of the security capabilities for system components provides a common language for product suppliers and all other control system stakeholders,” emphasizes Kevin Staggs of Honeywell, who led the ISA99 development group for the standard. “This simplifies the procurement and integration processes for the computers, applications, network equipment, and control devices that make up a control system.”
The new standard follows the February 2018 publication of ISA/IEC 62443-4-1, Product Security Development Life-Cycle Requirements, which specifies process requirements for the secure development of products used in an IACS and defines a secure development life cycle for developing and maintaining secure products. The life cycle includes security requirements definition, secure design, secure implementation (including coding guidelines), verification and validation, defect management, patch management, and product end of life.
AutoTextExtraction by Working BoT using SmartNews 1.0399999999 Build 04 April 2020
- You must be logged in to reply to this topic.