MAR-APR 2018


New ISA99 standard on developing products that are cybersecure by design

Standards | New Benchmarks & Metrics
46 INTECH MARCH/APRIL 2018 WWW.ISA.ORG

The ISA/IEC 62443 series of standards, developed by the ISA99 committee and adopted by the International Electrotechnical Commission (IEC), is designed to provide a flexible framework to address and mitigate current and future security vulnerabilities in industrial automation and control systems (IACSs). The committee draws on the input and knowledge of IACS security experts from across the globe to develop consensus standards that are applicable to all industry sectors and critical infrastructure.

A newly published standard in the series, ISA-62443-4-1, Security for Industrial Automation and Control Systems Part 4-1: Product Security Development Life-Cycle Requirements, specifies process requirements for the secure development of products used in an IACS. It defines a secure development life cycle for developing and maintaining secure products. The life cycle includes security requirements definition, secure design, secure implementation (including coding guidelines), verification and validation, defect management, patch management, and product end-of-life. These requirements can be applied to new or existing processes for developing, maintaining, and retiring hardware, software, or firmware. The requirements apply to the developer and maintainer of a product, but not to the integrator or user of the product.

"Designing security into products from the beginning of the development life cycle is critical, because it can help eliminate vulnerabilities from products before they ever reach the field," emphasizes Michael Medoff of exida, who led the ISA99 development group for the standard. "We all know how difficult and expensive it can be to constantly have to patch software in the field. The new standard gives us a real opportunity to break the cycle of frequent security patches and to produce products that are secure by design."

Also coming in 2018

Two additional standards in the ISA 62443 series are expected to be published in the coming months. The first, ISA/IEC 62443-3-2: Security Risk Assessment, System Partitioning and Security Levels, is based on the understanding that IACS security is a matter of risk management. Each IACS presents a different risk to an organization depending upon the threats it is exposed to, the likelihood of those threats arising, the inherent vulnerabilities in the system, and the consequences if the system were to be compromised. Further, each organization that owns and operates an IACS has a different tolerance for risk.

For these reasons, ISA/IEC 62443-3-2 will define a set of engineering measures to guide an organization through the process of assessing the risk of a particular IACS and identifying and applying security countermeasures to reduce that risk to tolerable levels. A key concept is the application of IACS security zones and conduits, which were introduced in ISA/IEC 62443-1-1: Concepts and Models. The new standard is a basis for specifying security countermeasures by aligning the identified target security level with the required security level capabilities specified in ISA/IEC 62443-3-3: System Security Requirements and Security Levels.

The second standard, ISA-62443-4-2: Technical Security Requirements for IACS Components, will provide the cybersecurity technical requirements for the components that make up an IACS, specifically the embedded devices, network components, host components, and software applications. This document, which derives its requirements from the IACS security requirements of ISA/IEC 62443-3-3, will specify security capabilities that enable a component to mitigate threats for a given security level without the assistance of compensating countermeasures.

In addition, ISA99 has begun working on converting ISA-TR62443-2-3, Patch Management in the IACS Environment, into a standard by adding normative language. The current technical report addresses the installation of patches, also called software updates, software upgrades, firmware upgrades, service packs, hotfixes, basic input/output system updates, and other digital electronic program updates that resolve bug fixes, operability, reliability, and cybersecurity vulnerabilities. It covers many of the problems and industry concerns associated with IACS patch management for asset owners and IACS product suppliers. It also describes the effects poor patch management can have on the reliability and operability of an IACS.

The technical report provides a defined format for the exchange of information about security patches from asset owners to IACS product suppliers, and definitions of activities associated with the development of the patch information by IACS product suppliers and deployment of the patches by asset owners. The exchange format and activities are defined for use in security-related patches, but may also be applicable to other types of patches or updates.

For information on viewing or obtaining any of the ISA/IEC 62443 standards, visit

For information on ISA99 and the ISA/IEC 62443 series of cybersecurity standards, contact Eliana Brazda, ISA Standards, or +1-919-990-9200.