Guideline Industrial Security
IEC 62443 is easy
Pierre Kobes
Diese Publikation zitieren
Pierre Kobes, Guideline Industrial Security (2023), VDE Verlag, Berlin, ISBN: 9783800760756
348
Accesses
Accesses
Beschreibung / Abstract
Insufficient security is careless, too much security is inefficient.
Recent surveys point out that the fear of cyber attacks is one of the three biggest business risks. Digitalization based on cloud computing, mobility or the internet of things are important drivers for pushing productivity in industrial environments. Cybersecurity is a prerequisite for digitalization in the industry.
The importance of security protection concepts is growing with increasing external attacks. Operators of critical infrastructure have to maintain minimum standards and to protect their installations against cyber-attacks. Cybersecurity requires a holistic approach. Effective protection concepts can only be implemented with a range of organizational and technical measures. Product suppliers, system integrators, and operators have to work together to deploy holistic protection solutions. The new edition describes the security protection scheme in much more detail. A holistic protection includes a combination of technology, process, and people aspects for the protection of industrial facilities during operation.
The series of standards IEC 62443 supports the development of holistic solutions for the protection of industrial facilities and addresses all involved actors. Correspondingly IEC 62443 is perceived as complex. This guideline has the aim to simplify the approach to the deployment of protection concepts by giving an overview about IEC 62443, summarizing the ideas and concepts, and illustrating practical solutions.
Recent surveys point out that the fear of cyber attacks is one of the three biggest business risks. Digitalization based on cloud computing, mobility or the internet of things are important drivers for pushing productivity in industrial environments. Cybersecurity is a prerequisite for digitalization in the industry.
The importance of security protection concepts is growing with increasing external attacks. Operators of critical infrastructure have to maintain minimum standards and to protect their installations against cyber-attacks. Cybersecurity requires a holistic approach. Effective protection concepts can only be implemented with a range of organizational and technical measures. Product suppliers, system integrators, and operators have to work together to deploy holistic protection solutions. The new edition describes the security protection scheme in much more detail. A holistic protection includes a combination of technology, process, and people aspects for the protection of industrial facilities during operation.
The series of standards IEC 62443 supports the development of holistic solutions for the protection of industrial facilities and addresses all involved actors. Correspondingly IEC 62443 is perceived as complex. This guideline has the aim to simplify the approach to the deployment of protection concepts by giving an overview about IEC 62443, summarizing the ideas and concepts, and illustrating practical solutions.
Leseprobe
Inhaltsverzeichnis
- Guideline Industrial Security
- Stay informed!
- Imprint
- Preface
- Contents
- 1 Introduction
- 2 Cybersecurity involves process, people, and technology Cybersecurity involves process, people, and technology
- 3 Roles and responsibilities in IEC 62443
- 4 Structure of IEC 62443 Structure of IEC 62443
- 5 Concepts of IEC 62443
- 5.1 Defense in depth
- 5.2 The standard IEC 62443 in product and IACS lifecycles
- 5.3 Risk assessment according to VDI/VDE 2182
- 5.4 Security Levels
- 6 Security Program (SP) and Security Protection Scheme (SPS)
- 6.1 Relationship between Security Program (SP) and Security Protection Scheme (SPS)
- 6.2 Development and operation of a SPS
- 7 Security Protection Ratings
- 7.1 Definition and methodology
- 7.2 Use of SPR in risk reduction
- 7.3 SPR and SL types
- 7.4 Grouping of system security requirements
- 8 Role-based activities in the development, practice and maintenance of a security protection scheme
- 8.1 Specification
- 8.2 Design
- 8.3 Implementation
- 8.4 Verification and validation
- 8.5 Operation and Maintenance
- 8.6 Update
- 8.7 Decommissioning
- 9 Holistic approach for product suppliers, using the example of the Siemens security concept for process and discrete industries
- 9.1 Overview
- 9.2 Holistic security concept (HSC)
- 9.3 Plant security
- 9.4 Network security
- 9.5 System integrity
- 9.6 Role based access
- 9.7 Consideration of attack scenarios in product development and production
- Annex A: Detailed description of the IEC 62443 documents
- A1 Main documents relevant for the development and practice of a security protection scheme
- A2 Other documents of IEC 62443
- Annex B: Tracing of requirements to the elements of the asset owner security program (SP)
- B1 ORG 1 – Security related organization and policies
- B2 ORG 2 – Security assessments and reviews
- B3 ORG 3 – Security of physical access
- B4 CM 1 – Inventory management of IACS hardware/software components and network communications
- B5 NET 1 – System segmentation
- B6 NET 2 – Secure wireless access
- B7 NET 3 – Secure remote access
- B8 COMP 1 – Components and portable media
- B9 COMP 2 – Malware protection
- B10 COMP 3 – Patch management
- B11 DATA 1 – Protection of data
- B12 USER 1 – Identification and authentication
- B13 USER 2 – Authorization and access control
- B14 VENT 1 – Event and incident management
- B15 AVAIL 1 – System availability and intended functionality
- B16 AVAIL 2 – Backup/restore/archive
- Bibliography
- Index