ISA99 Committee Issues New Cyber Security Standard for Industrial Automation & Control Systems

Aug. 21, 2013

A newly published standard addresses risks arising from the growing use of business IT cyber security solutions.

The ISA-62443 Series of standards, being developed by the ISA99 Committee of the International Society of Automation (ISA) and adopted globally by the International Electrotechnical Commission (IEC), published a new standard, ISA-62443-3-3-2013, Security for Industrial Automation and Control Systems Part 3-3: System Security Requirements and Security Levels. It is designed to address risks arising from the growing use of business information technology (IT) cyber security solutions to address IACS cyber security in complex and dangerous manufacturing and processing applications.

RELATED: Cyber Security, Globalization and IT Trends Fuel Busy Year for Control System Integrators

IACS security goals typically focus on control system availability, plant protection, plant operations, and time-critical system response. IT security goals, in contrast, often focus more on protecting information than physical assets. For this reason, use of IT cyber security solutions to address IACS security must be implemented knowledgably to prevent unintended vulnerabilities that could lead to potentially disastrous health, safety, environmental, financial, and/or reputational impacts in deployed control systems.

The new ISA99 standard aims to address this concern with an approach to defining system requirements that is based on a combination of functional requirements and risk assessment, and an awareness of operational issues. The standard provides technical control system requirements associated with seven foundational requirements described in the groundbreaking first ISA99 standard, ISA 62443 1 1 (99.01.01), including defining the requirements for control system capability security levels. ISA expects those responsible for IACS cyber security use these requirements in developing the appropriate control system target security levels for specific assets.

“This standard provides highly relevant and practical direction to asset owners, system integrators and suppliers by describing the major system-level technical requirements for a secure IACS,” said ISA99 Co-Chair Eric C. Cosman of the Dow Chemical Company, in a prepared statement. “It serves as a cornerstone in the ISA-62443/IEC 62443 series, complementing other standards including ISA-62443-2-1, which addresses the processes and procedures needed for security.”

Sponsored Recommendations

Learn About: Micro Motion™ 4700 Config I/O Coriolis Transmitter

An Advanced Transmitter that Expands Connectivity

Micro Motion™ G-Series Compact, Drainable Coriolis Flow and Density Meters

Micro Motion G-Series Coriolis flow and density meters are ideally suited for Process Monitoring and Optimization applications, offering easy selection with pre-selected models...

Learn about: Micro Motion G-Series Coriolis Flow and Density Meters

The Micro Motion G-Series is designed to help you access the benefits of Coriolis technology even when available space is limited.

Micro Motion 4700 Coriolis Configurable Inputs and Outputs Transmitter

The Micro Motion 4700 Coriolis Transmitter offers a compact C1D1 (Zone 1) housing. Bluetooth and Smart Meter Verification are available.