Security for industrial automation and control systems - Part 4-2: Technical security requirements for IACS components

Designation Number:
CSA IEC 62443-4-2
Standard Type:
National Standard of Canada - Adoption of International Standard
Standard Development Activity:
New Standard
ICS code(s):
25.040.40
35.030
Status:
Proceeding to development
SDO Comment Period Start Date:
SDO Comment Period End Date:
Posted On:

Scope:

Scope

This part of IEC 62443 provides detailed technical control system component requirements

(CRs) associated with the seven foundational requirements (FRs) described in IEC TS 62443-

1-1 including defining the requirements for control system capability security levels and their components, SL-C(component). 

As defined in IEC TS 62443-1-1 there are a total of seven foundational requirements (FRs):

a) identification and authentication control (IAC),

b) use control (UC),

c) system integrity (SI),

d) data confidentiality (DC),

e) restricted data flow (RDF),

f) timely response to events (TRE), and

g) resource availability (RA).

These seven FRs are the foundation for defining control system security capability levels.

Defining security capability levels for the control system component is the goal and objective of this document as opposed to SL-T or achieved SLs (SL-A), which are out of scope.

NOTE 1 Refer to IEC 62443‑2‑1 [1] for an equivalent set of non-technical, program-related, capability requirements necessary for fully achieving a SL-T(control system).

NOTE 2 The trademarks and trade names mentioned in this document are given for the convenience of users of this document. This information does not constitute an endorsement by IEC of the products named.

 

Project need:

Project Need
To align Canadian Requirements with those of the respective international standards being proposed for adoption. To maintain alignment between Canadian operational technology standards and each respective international standard

Note: The information provided above was obtained by the Standards Council of Canada (SCC) and is provided as part of a centralized, transparent notification system for new standards development. The system allows SCC-accredited Standards Development Organizations (SDOs), and members of the public, to be informed of new work in Canadian standards development, and allows SCC-accredited SDOs to identify and resolve potential duplication of standards and effort.

Individual SDOs are responsible for the content and accuracy of the information presented here. The text is presented in the language in which it was provided to SCC.