ISA/IEC 62443 Models Flashcards
Types of Models in IEC 62443 Series
1 - Reference - Overall Concept
2 - Asset - relationship between various assets in IACS.
3 - System Architecture - configuration of Assets.
4 - Zones & Conduits - group the system architecture elements as per the defined characteristics.
ISA 99 Model Relationships
Policies, Procedures, and Guidelines ==> Assets ==> Reference Architecture ==> Zones and Conduits
Reference Model Levels
L4 - Business Planning and Logistics
L3 - Manufacturing Operations Management
L2 - Supervisory Control
L1 - Sensing the production process
L0 - Process
Asset Model Characteristics
1 - Starts at a high level
2 - Includes all ANSI/ISA 95 Levels from 0 to 4, equipment and information systems
3 - Explicitly covers networks and ancillary equipment.
4 - Generic enough to fit all situations where control systems are deployed.
Security Zone
Logical grouping of physical, informational, and application assets sharing common security requirements.
A zone can have sub-zones.
Conduits
Logical grouping of communication assets that protects the security of the channels it contains.
or
Logical grouping of communication channels, connecting two or more zones that share common security requirements.
Conduits can be physical or logical. e.g., router, switch, hub, firewall, wire, etc.
Conduits don’t have sub-zones.
Trusted conduits crossing the zone boundaries must use an end-to-end secure process.
Number of Security Levels?
5.
SL0 - No security
SL1 - Protection against non-intentional and coincidental attacks
SL2 - Protection against intentional attacks with low motivation with simple means and resources.
SL3 - Protection against intentional attacks with moderate motivation, sophisticated means, and moderate resources.
SL4 - Protection against intentional attacks with high motivation and sophisticated means and resources.