ISA/IEC 62443 Series

Question 1

How many Sections are available in IEC62443 Standard

Answer 1

1 - General
2 - Policies & Procedures
3 - System
4 - Components
5 - Profiles ( Not yet published)
6 - Evaluations (early release)

*14 Publications with 10 standards and 4 Technical reports (TR).

• Technical reports are informative.

Question 2

Chapters in General

Answer 2

1-1 Basic Concepts, models
and definitions.
1-2 Master glossary and
abbreviations.
1-3 System security
conformance metrics.
(TR)1-4 IACS lifecycle use cases
1-5 Scheme for 62443
cybersecurity profiles.
(not yet released)
1-6 Application of 62443 in
IIOT.

Question 3

Chapters in Policies and Procedures

Answer 3

2-1 CSMS development
guidelines.
2-2 Security protection
rating (Maturity
Assessment of CSMS.)
(TR) 2-3 Patch Management.
2-4 Service Provider
Requirements.
(TR) 2-5 Implementation
Guidelines for AO.

Question 4

Chapters in System

Answer 4

(TR) 3-1 List of Technologies
3-2 Risk Assessment methodologies
3-3 System requirements and Security Levels

Question 5

Chapters in Components

Answer 5

4-1 Secure Product
development life-cycle
4-2 Technical requirements
for products.

Question 6

62443 Roles

Answer 6

1 - Asset owner (AO) - End User.
2 - Service Provider (SP) -system Integrator + Maintenance Provider.
3 - Product Supplier (PS) - OEM.

Question 7

IEC 62443 chapter applicability as per roles

Answer 7

1- *Series- For all (AO, SP, PS)
2-1 - AO
2-2 - AO & SP
2-3 - For all (AO, SP, PS)
2-4 - SP
2-5 - AO
3-1 - SP
3-2 - AO & SP
3-3 - AO & SP.
4-1 - PS
4-2 - PS

Question 8

ICS vs IACS

Answer 8

ICS = Industrial Control System. General term for control systems acting together to achieve industrial objectives.

IACS = Industrial Automation Control System. Collection of personals, hardware, software & policies involved in the industrial process operation that can affect or influence its safe, secure, and reliable operation.