Content deleted Content added
Cusimanoja (talk | contribs) |
|||
Line 20:
== Industrial Automation & Control System (IACS) Cybersecurity Standards ==
=== ANSI/ISA-99===
{{anchor|62443}}▼
▲ISA/IEC-62443 is a series of standards, technical reports, and related information that define procedures for implementing electronically secure Industrial Automation and Control Systems (IACS). This guidance applies to end-users (i.e. asset owner), system integrators, security practitioners, and control systems manufacturers responsible for manufacturing, designing, implementing, or managing industrial automation and control systems.
These documents were originally referred to as '''ANSI/ISA-99''' or '''ISA99''' standards, as they were created by the [[International Society of Automation|International Society for Automation (ISA)]] 99 committee, accredited by and publicly released as [[American National Standards Institute|American National Standards Institute (ANSI)]] documents. In 2010, they were renumbered to be the '''ANSI/ISA-62443''' series. This change was intended to align the ISA and ANSI document numbering with the corresponding [[International Electrotechnical Commission|International Electrotechnical Commission (IEC)]] standards.
Line 30 ⟶ 29:
ISA99 remains the name of the Industrial Automation and Control System Security Committee of the ISA. Since 2002, the committee has been developing a multi-part series of standards and technical reports on the subject of IACS security. These work products are then submitted to the ISA approval and then publishing under ANSI. They are also submitted to IEC for consideration as standards and specifications in the IEC 62443 series following the IEC standards development process.
[[File:ISA-62443_Standard_Series_2012.png|thumb|right|alt=The numbering and organization of ISA62443 work products into categories.|Planned and published ISA62443 work products for IACS Security.]] All ISA-62443 standards and technical reports are organized into four general categories called ''General'', ''Policies and Procedures'', ''System'' and ''Component''.<ref>More information about the activities and plans of the ISA99 committee is available on the committee Wiki site ([https://web.archive.org/web/20110402180044/http://isa99.isa.org/ISA99%20Wiki/Home.aspx])</ref>▼
▲{{anchor|62443}}
{{Main|IEC 62443}}
IEC 62443 is an international series of standards on "Industrial communication networks - IT security for networks and systems". The standard is divided into different sections and describes both technical and processor-related aspects of industrial cybersecurity. It divides the industry into different roles: the operator, the integrators (service providers for integration and maintenance) and the manufacturers. The different roles each follow a risk-based approach to prevent and manage security risks in their activities.<ref>{{cite web|url=https://webstore.iec.ch/publication/7033|title=Standards and References - IEC-62443|website=www.iec.ch}}</ref>
These standards are being used by practitioners in several industries to design and evaluate automation systems for cybersecurity resilience. Several of the standards are being used in personnel, engineering process, product, and system cybersecurity certification programs (also called conformity assessment programs). Certifications are awarded by accredited Certification Bodies (CB) who operate following ISO/IEC 17065 and ISO/IEC 17025. Certification Bodies are accredited to perform the auditing, assessment, and testing work by an Accreditation Body (AB). There is often one national AB in each country. These ABs operate per the requirements of ISO/IEC 17011, a standard that contains requirements for the competence, consistency, and impartiality of accreditation bodies when accrediting conformity assessment bodies. ABs are typically members of the International Accreditation Forum (IAF) for work in management systems, products, services, and personnel accreditation or the International Laboratory Accreditation Cooperation (ILAC) for laboratory accreditation. A Multilateral Recognition Arrangement (MLA) between ABs will ensure global recognition of accredited CBs.▼
▲[[File:ISA-62443_Standard_Series_2012.png|thumb|right|alt=The numbering and organization of
# The first (top) category includes common or foundational information such as concepts, models and terminology. Also included are work products that describe security metrics and security life cycles for IACS.
Line 36 ⟶ 42:
# The third category includes work products that describe system design guidance and requirements for the secure integration of control systems. Core in this is the zone and conduit design model.
# The fourth category includes work products that describe the specific product development and technical requirements of control system products. This is primarily intended for control product vendors, but can be used by integrator and asset owners for to assist in the procurement of secure products.
▲=== IEC-62443 ===
▲Certifications are awarded by accredited Certification Bodies (CB) who operate following ISO/IEC 17065 and ISO/IEC 17025. Certification Bodies are accredited to perform the auditing, assessment, and testing work by an Accreditation Body (AB). There is often one national AB in each country. These ABs operate per the requirements of ISO/IEC 17011, a standard that contains requirements for the competence, consistency, and impartiality of accreditation bodies when accrediting conformity assessment bodies. ABs are typically members of the International Accreditation Forum (IAF) for work in management systems, products, services, and personnel accreditation or the International Laboratory Accreditation Cooperation (ILAC) for laboratory accreditation. A Multilateral Recognition Arrangement (MLA) between ABs will ensure global recognition of accredited CBs.
== Control system security certification ==
| |||