Security for industrial automation and control systems - Part 2-3: Patch management in the IACS environment

Designation Number:

CAN/CSA-IEC TR 62443-2-3

Standard Type:

National Standard of Canada - Adoption of International Standard

Standard Development Activity:

New Standard

Status:

Proceeding to development

SDO Comment Period Start Date:

2017-06-13

SDO Comment Period End Date:

2017-07-05

Posted On:

2017-06-07

Scope:

This Standard describes requirements for asset owners and industrial automation and control system (IACS) product suppliers that have established and are now maintaining an IACS patch management program. This Technical Report recommends a defined format for the distribution of information about security patches from asset owners to IACS product suppliers, a definition of some of the activities associated with the development of the patch information by IACS product suppliers and deployment and installation of the patches by asset owners. The exchange format and activities are defined for use in security related patches; however, it may also be applicable for non-security related patches or updates

Project need:

This adoption is required to align Canadian standards with ANSI/ISA TR 62443-2-3:2015, which was published by IEC as IEC TR 62443-2-3:2015

Note: The information provided above was obtained by the Standards Council of Canada (SCC) and is provided as part of a centralized, transparent notification system for new standards development. The system allows SCC-accredited Standards Development Organizations (SDOs), and members of the public, to be informed of new work in Canadian standards development, and allows SCC-accredited SDOs to identify and resolve potential duplication of standards and effort.

Individual SDOs are responsible for the content and accuracy of the information presented here. The text is presented in the language in which it was provided to SCC.