Purpose and intended audience
The IACS community audience for this specification is intended to be asset owners, system integrators, product suppliers, service providers and, where appropriate, compliance authorities. Compliance authorities include government agencies and regulators with the legal authority to perform audits to verify compliance with governing laws and regulations.
System integrators, product suppliers and service providers will use this document to evaluate whether their products and services can provide the functional security capability to meet the asset owner’s target security level (SL-T) requirements. As with the assignment of SL-Ts, the applicability of individual control system requirements (SRs) and requirement enhancements (REs) needs to be based on an asset owner’s security policies, procedures and risk assessment in the context of their specific site. Note that some SRs contain specific conditions for permissible exceptions, such as where meeting the SR will violate fundamental operational requirements of a control system (which may trigger the need for compensating countermeasures).
When designing a control system to meet the set of SRs associated with specific SL-Ts, it is not necessary that every component of the proposed control system support every system requirement to the level mandated in this standard. Compensating countermeasures can be employed to provide the needed functionality to other subsystems, such that the overall SL-T requirements are met at the control system level. Inclusion of compensating countermeasures during the design phase should be accompanied by comprehensive documentation so that the resulting achieved control system SL, SL-A(control system), fully reflects the intended security capabilities inherent in the design. Similarly, during certification testing and/or post-installation audits, compensating countermeasures can be utilized and documented in order to meet the overall control system SL.
There is insufficient detail in this document to design and build an integrated security architecture. That requires additional system-level analysis and development of derived requirements that are the subject of other documents in the ISA‑62443 series (see 0.3). Note that providing specifications detailed enough to build a security architecture is not the goal of this document. The goal is to define a common, minimum set of requirements to reach progressively more stringent security levels. The actual design of an architecture that meets these requirements is the job of system integrators and product suppliers. In this task, they retain the freedom to make individual choices, thus supporting competition and innovation. Thus this standard strictly adheres to specifying functional requirements, and does not address how these functional requirements should be met.
- Edition:
- 13
- Published:
- 08/12/2013
- ANSI:
- ANSI Approved
- Number of Pages:
- 84
- File Size:
- 1 file, 1.9 MB