Jul,03

DD IEC PAS 62443-3 pdf – Security for industrial process measurement and control — Part 3: Network and system security

DD IEC PAS 62443-3 pdf – Security for industrial process measurement and control — Part 3: Network and system security

DD IEC PAS 62443-3 pdf – Security for industrial process measurement and control — Part 3: Network and system security
4 Introduction and compliance Use of IT security methods and standards have become common place in the office environment in the form of the ubiquitous code of practice for information security management (ISO/IEC 27002, previously known as ISO/IEC 1 7799), for operational security, and the evaluation criteria for IT security (ISO/IEC 1 5408), for product development. Now the internet and wireless networks have arrived on the shop floor.
Security problems in automation systems are increasingly making headlines in the specialized press; but commonly acknowledged practice and related standards are lagging, and this despite the higher stakes involved in automation systems, with possible physical production losses and impact on health, human life and environment. As has previously occurred in the operational security in the office environment, this PAS is an initial effort to provide guidance for the operational security of automation systems. However, the methods and standards from the office environment cannot be easily applied to automation systems. A study of EWICS [1 5] 1 has shown that the widely used ISO/IEC 27002 would have to be extended considerably to be applicable to industrial control systems. While 1 89 items have been judged applicable to very applicable, 85 % or 45 % have been found to require additional guidance. This PAS contains good practice identified by practitioners based on their practical experience but developed independently of ISO/IEC 27002. NOTE While it may be desirable to harmonize the structure and vocabulary of this PAS with ISO/IEC 27002, this has not been done at this time. This PAS is intended to fill the presently existing void while further efforts are planned to enhance the guidance in a future edition of IEC 62443 as outlined in Annex A.
Compliance to the policy of this PAS is a local matter. It may be stated in reference to all provisions of the ICS policy or to part of it or to a customized version of it. Certain measures of the policy may not be applied because they are not applicable at a given time for a given configuration in a given security context. The policy allows for this modularity and customization. Also, depending on the specific ICS, it may be deemed necessary or desirable, for example, from a risk/cost trade-off perspective, not to implement certain measures as prescribed by the policy. By the nature of security, this may only be done temporarily in application of ICS policy using its exception management provision.
5 Principles and reference models 5.1 General This PAS describes good practice in terms of technical and organizational security measures for the protection of the ICS and its industrial control network (ICN), including generally existing ICN subnetworks. This clause explains the underlying reference models.
The users of this PAS should customize these models for their specific application, in order to apply the provisions of the security policy to their specific requirements.
The advice of this PAS may need to be complemented by other models and related policy, i.e.threat-risk assessment, general security policy, and ISMS.
5.2 Threat-risk model
5.2.1 Overview
A general security related threat-risk model is shown in Figure 1 . From the figure can be read:
• threats are using vulnerabilities of the ICS;
• without counter-measures they may represent intolerable risk (to the assets);
• generally counter-measures are required to minimize risk (to the assets).
Counter-measures are widely available, as general processes, detailed procedures and sometimes in detail specifications.
This PAS will provide counter-measures as processes, and this in the form of a proposed policy.
5.2.2 Threats
Threats are possible security-related unwanted events causing damage, i.e. monetary loss.
Events that have some likelihood to occur in an ICS are:
• attacks by vandals and terrorists;
• ICS failure following a security event;
• denial of service attacks;
• breach of confidentiality, for example, disclosure of production information;
• breach of the law;
• undesirable event through acts of God, for example, extreme weather conditions like a storm or tornado.

Download
The previous

BS ISO IEC 19762-2 pdf - Information technology — Automatic identification and data capture (AIDC) techniques — Harmonized vocabulary

The next

DD IEC PAS 62596 pdf - Electrotechnical products – Determination of restricted substances – Sampling procedure – Guidelines

Related Standards

IEC 63245-1 pdf – Spatial wireless power transfer based on multiple magnetic resonances – Part 1: Requirements
Jul,05 326
IEC 63245-1 pdf – Spatial wireless power transfer based on multiple magnetic resonances – Part 1: Requirements
IEC 63252 pdf – Energy consumption of vending machines
Jul,05 393
IEC 63252 pdf – Energy consumption of vending machines
IEC Guide 115 pdf – Application of uncertainty of measurement to conformity assessment activities in the electrotechnical sector
Jul,05 407
IEC Guide 115 pdf – Application of uncertainty of measurement to conformity assessment activities in the electrotechnical sector
IEC IEEE 63113 pdf – Nuclear facilities – Instrumentation important to safety – Spent fuel pool instrumentation
Jul,05 437
IEC IEEE 63113 pdf – Nuclear facilities – Instrumentation important to safety – Spent fuel pool instrumentation
IEC PAS 61162-103 pdf – Maritime navigation and radiocommunication equipment and systems – Digital interfaces – Part 103: Single talker and multiple listeners – New and amended sentences and Talker IDs
Jul,05 277
IEC PAS 61162-103 pdf – Maritime navigation and radiocommunication equipment and systems – Digital interfaces – Part 103: Single talker and multiple listeners – New and amended sentences and Talker IDs
IEC PAS 63325 pdf – Lifecycle requirements for functional safety and security for IACS
Jul,05 276
IEC PAS 63325 pdf – Lifecycle requirements for functional safety and security for IACS
IEC SRD 63235 pdf – Smart city system – Methodology for concepts building
Jul,05 331
IEC SRD 63235 pdf – Smart city system – Methodology for concepts building
IEC TR 61188-8 pdf – Circuit boards and circuit board assemblies – Design and use – Part 8: 3D shape data for CAD component library
Jul,05 284
IEC TR 61188-8 pdf – Circuit boards and circuit board assemblies – Design and use – Part 8: 3D shape data for CAD component library
IEC TR 62222 pdf – Fire performance of communication cables installed in buildings
Jul,05 393
IEC TR 62222 pdf – Fire performance of communication cables installed in buildings
IEC TR 63042-303 pdf – UHV AC transmission systems – Part 303: Guideline for the measurement of UHV AC transmission line power frequency parameters
Jul,05 271
IEC TR 63042-303 pdf – UHV AC transmission systems – Part 303: Guideline for the measurement of UHV AC transmission line power frequency parameters

Tags

www.standard-codes.com