What is ISA/IEC 62443 Standard?
The increasing cyber threats and vulnerabilities in industrial control system (ICS) networks can affect the availability of the industrial environment and cause significant damage to manufacturing enterprises. SA/IEC 62443 (formerly known as ISA 99) helps organizations to reduce both the risk of failure and the exposure of ICS networks to cyber threats. Aligning with the standard is important to protect critical control systems.
Who can use ISA/IEC 62443 standard?
ISA/IEC 62443 is a set of standards that organizations can use to secure their industrial automation and control systems (IACS) throughout their lifecycles. It helps organizations to reduce both the risk of system failure and the exposure to cyber threats. ISA/IEC 62443 consists of 14 documents divided into four groups: General, Policies and Procedures, System and Component.
What are the main four parts of ISA/IEC 62443?
ISA/IEC 62443 consists of four parts:
- Terminology and topics: A General section that includes terminology and topics that are relevant to the standards.
- Policies and Procedures: A portion is dedicated to Policies and Procedures that organizations can use to bolster their IACS security. These practices include establishing a formal security program for their IACS assets and delineating security requirements for IACS service providers.
- System level security: An overview of IACS security technologies and other System-level requirements.
- Component Security: A compendium of components and requirements that help to ensure a secure product development lifecycle for IACS systems.