Revision as of 03:25, 24 December 2024 edit Acssec99 (talk \| contribs) 31 edits No edit summary Tag: Visual edit ← Previous edit		Revision as of 12:55, 27 December 2024 edit undo Mmu12345 (talk \| contribs) 23 edits →Automation and Control System Cybersecurity Standards: corrected information about IEC 62443 Tag: Visual edit Next edit →
Line 20: == Automation and Control System Cybersecurity Standards == The international standard for cybersecurity of automation and control systems is the [[~~ISA/~~IEC 62443]]. In addition, multiple national organizations such as the NIST and NERC in the USA released guidelines and requirements for cybersecurity in control systems. === ~~ISA/~~IEC 62443 === {{anchor\|62443}} {{Main\|~~ISA/~~IEC 62443}} The ~~ISA/~~IEC 62443 cybersecurity standards define processes, techniques and requirements for Automation and Control Systems (~~ACS~~IACS). ~~Responsibility~~The ~~for~~IEC ~~these~~62443 standards ~~lies~~and ~~with~~technical areports ~~collaboration~~are ~~between~~organized ~~the~~into ~~ISA99~~four ~~committee~~general ofcategories ~~the~~called ~~International~~''General'', ~~Society for Automation (ISA)~~''Policies and ~~IEC~~Procedures'', ~~Technical~~''System,'' ~~Committee~~''Component'', 65''Profiles'' ~~Working Group~~and 10''Evaluation''. ~~The ISA99 committee operates as an ANSI-accredited standards development organization (SDO) in the US. In IEC the standards creation process all national committees agree upon a common standard.~~ ~~The ISA/IEC 62443 standards and technical reports are organized into four general categories called ''General'', ''Policies and Procedures'', ''System'' and ''Component''.~~ # The first category includes foundational information such as concepts, models and terminology. Line 36 ⟶ 32: # The third category includes work products that describe system design guidance and requirements for the secure integration of control systems. Core in this is the zone and conduit design model. # The fourth category includes work products that describe the specific product development and technical requirements of control system products. # The fifth category provides profiles for industry-specific cybersecurity requirements according to IEC 62443-1-5. # The sixth category defines assessment methodologies that ensure that assessment results are consistent and reproducible. ===NERC===

Control system security: Difference between revisions