Skip to main content
Tagasi

EVS-EN IEC 62443-2-4:2024

Security for industrial automation and control systems - Part 2-4: Security program requirements for IACS service providers

Üldinfo

Kehtiv alates 01.02.2024
Alusdokumendid
IEC 62443-2-4:2023; EN IEC 62443-2-4:2024
Direktiivid või määrused
puuduvad

Standardi ajalugu

Staatus
Kuupäev
Tüüp
Nimetus
01.02.2024
Põhitekst
02.05.2019
Põhitekst
02.05.2019
Muudatus
IEC 62443-2:2023 specifies a comprehensive set of requirements for security-related processes that IACS service providers can offer to the asset owner during integration and maintenance activities of an Automation Solution. Because not all requirements apply to all industry groups and organizations, Subclause 4.1.4 provides for the development of "profiles" that allow for the subsetting of these requirements. Profiles are used to adapt this document to specific environments, including environments not based on an IACS.
NOTE 1 The term "Automation Solution" is used as a proper noun (and therefore capitalized) in this document to prevent confusion with other uses of this term. Collectively, the security processes offered by an IACS service provider are referred to as its Security Program (SP) for IACS asset owners. In a related specification, IEC 62443-2-1 describes requirements for the Security Management System of the asset owner.
NOTE 2 In general, these security capabilities are policy, procedure, practice and personnel related. Figure 1 illustrates the integration and maintenance security processes of the asset owner, service provider(s), and product supplier(s) of an IACS and their relationships to each other and to the Automation Solution. Some of the requirements of this document relating to the safety program are associated with security requirements described in IEC 62443-3-3 and IEC 62443-4-2.
NOTE 3 The IACS is a combination of the Automation Solution and the organizational measures necessary for its design, deployment, operation, and maintenance.
NOTE 4 Maintenance of legacy system with insufficient security technical capabilities, implementation of policies, processes and procedures can be addressed through risk mitigation.

Nõutud väljad on tähistatud *

*
*
*
PDF
39,04 € koos KM-ga
PDF redline
50,75 € koos KM-ga
Paber
39,04 € koos KM-ga
Sirvi standardit alates 2,44 € koos KM-ga
Standardi monitooring

Teised on ostnud veel

Põhitekst

EVS-EN IEC 62443-3-3:2019

Industrial communication networks - Network and system security - Part 3-3: System security requirements and security levels
Uusim versioon Kehtiv alates 02.05.2019
Põhitekst

EVS-EN IEC 62443-4-2:2019

Security for industrial automation and control systems - Part 4-2: Technical security requirements for IACS components
Uusim versioon Kehtiv alates 02.05.2019
Põhitekst

EVS-EN IEC 62443-4-1:2018

Security for industrial automation and control systems - Part 4-1: Secure Product Development Lifecycle Requirements
Uusim versioon Kehtiv alates 02.04.2018
Põhitekst

EVS-EN IEC 62443-3-2:2020

Security for industrial automation and control systems - Part 3-2: Security risk assessment for system design
Uusim versioon Kehtiv alates 15.09.2020