IEC 62443-2-4:2015/AMD1:2017
(Amendment)Amendment 1 - Security for industrial automation and control systems - Part 2-4: Security program requirements for IACS service providers
Amendment 1 - Security for industrial automation and control systems - Part 2-4: Security program requirements for IACS service providers
Applies to all line-commutated high-voltage direct current (HVDC) converter stations used for power exchange in utility systems. Presumes the use of 12-pulse thyristor converters but can also be used for 6-pulse thyristor converters. Presents procedures for determining the total losses of an HVDC converter station. Cover all parts, except synchronous compensators or static var compensators and address no-load operation and operating losses together with their methods of calculation which use, wherever possible, measured parameters.[
]The contents of the corrigendum of October 1999 have been included in this copy.
Amendement 1 - Sécurité des automatismes industriels et des systèmes de commande - Partie 2-4: Exigences de programme de sécurité pour les fournisseurs de service IACS
S'applique à tous les postes de conversion en courant continu à haute tnesion (CCHT), commutés par le réseau, et utilisés pour l'échange de puissance dans des systèmes de distribution d'énergie. Présuppose l'utilisation de convertisseurs à thyristors à 12 impulsions mais peut également s'appliquer à des convertisseurs à thyristors à 6 impulsions. Décrit un ensemble de procédures types permettant de déterminer l'ensemble des pertes d'un poste de conversion à CCHT. Les procédures recouvrent toutes les pièces, à l'exception des compensateurs synchrones ou des compensateurs var statiques et considèrent les pertes en fonctionnement à vide et les pertes en fonctionnement ainsi que leurs méthodes de calcul utilisant, dans la mesure du possible, des paramètres mesurés.[
]Le contenu du corrigendum d'octobre 1999 a été pris en considération dans cet exemplaire.
General Information
Relations
Buy Standard
Standards Content (Sample)
IEC 62443-2-4 ®
Edition 1.0 2017-08
INTERNATIONAL
STANDARD
colour
inside
AMENDMENT 1
Security for industrial automation and control systems –
Part 2-4: Security program requirements for IACS service providers
IEC 62443-2-4:2015-06/AMD1:2017-08(en)
All rights reserved. Unless otherwise specified, no part of this publication may be reproduced or utilized in any form
or by any means, electronic or mechanical, including photocopying and microfilm, without permission in writing from
either IEC or IEC's member National Committee in the country of the requester. If you have any questions about IEC
copyright or have an enquiry about obtaining additional rights to this publication, please contact the address below or
your local IEC member National Committee for further information.
IEC Central Office Tel.: +41 22 919 02 11
3, rue de Varembé Fax: +41 22 919 03 00
CH-1211 Geneva 20 info@iec.ch
Switzerland www.iec.ch
About the IEC
The International Electrotechnical Commission (IEC) is the leading global organization that prepares and publishes
International Standards for all electrical, electronic and related technologies.
About IEC publications
The technical content of IEC publications is kept under constant review by the IEC. Please make sure that you have the
latest edition, a corrigenda or an amendment might have been published.
IEC Catalogue - webstore.iec.ch/catalogue Electropedia - www.electropedia.org
The stand-alone application for consulting the entire The world's leading online dictionary of electronic and
bibliographical information on IEC International Standards, electrical terms containing 20 000 terms and definitions in
Technical Specifications, Technical Reports and other English and French, with equivalent terms in 16 additional
documents. Available for PC, Mac OS, Android Tablets and languages. Also known as the International Electrotechnical
iPad. Vocabulary (IEV) online.
IEC publications search - www.iec.ch/searchpub IEC Glossary - std.iec.ch/glossary
The advanced search enables to find IEC publications by a 65 000 electrotechnical terminology entries in English and
variety of criteria (reference number, text, technical French extracted from the Terms and Definitions clause of
committee,…). It also gives information on projects, replaced IEC publications issued since 2002. Some entries have been
and withdrawn publications. collected from earlier publications of IEC TC 37, 77, 86 and
CISPR.
IEC Just Published - webstore.iec.ch/justpublished
Stay up to date on all new IEC publications. Just Published IEC Customer Service Centre - webstore.iec.ch/csc
details all new publications released. Available online and If you wish to give us your feedback on this publication or
also once a month by email. need further assistance, please contact the Customer Service
Centre: csc@iec.ch.
IEC 62443-2-4 ®
Edition 1.0 2017-08
INTERNATIONAL
STANDARD
colour
inside
AMENDMENT 1
Security for industrial automation and control systems –
Part 2-4: Security program requirements for IACS service providers
INTERNATIONAL
ELECTROTECHNICAL
COMMISSION
ICS 25.040.40; 35.110 ISBN 978-2-8322-4366-4
– 2 – IEC 62443-2-4:2015/AMD 1:2017
© 2017
FOREWORD
This amendment has been prepared by IEC technical committee 65: Industrial-process
measurement, control and automation.
The text of this amendment is based on the following documents:
CDV Report on voting
65/637A/CDV 65/661/RVC
Full information on the voting for the approval of this amendment can be found in the report
on voting indicated in the above table.
IMPORTANT – The 'colour inside' logo on the cover page of this publication indicates
that it contains colours which are considered to be useful for the correct
understanding of its contents. Users should therefore print this document using a
colour printer.
_____________
1 Scope
Replace the first paragraph by the following new text:
This part of IEC 62443 specifies a comprehensive set of requirements for security capabilities
for IACS service providers that they can offer to the asset owner during integration and
maintenance activities of an Automation Solution. Because not all requirements apply to all
industry groups and organizations, Subclause 4.1.4 provides for the development of Profiles
that allow for the subsetting of these requirements. Profiles are used to adapt this document
to specific environments, including environments not based on an IACS.
Delete Note 4 and renumber Note 5 to "Note 4".
3.1.14
safety instrumented system
Add the following Note 2 to entry:
Note 2 to entry: Not all industry sectors use this term. This term is not restricted to any specific industry sector,
and it is used generically to refer to systems that enforce functional safety. Other equivalent terms include safety
systems and safety related systems.
4.1.4 Profiles
Replace the existing text with the following:
This document recognizes that not all of the requirements in Annex A apply to all industry
sectors/environments. To allow subsetting and adaptation of these requirements, this
document provides for the use of “Profiles”.
IEC 62443-2-4:2015/AMD 1:2017 – 3 –
© 2017
Profiles are written as IEC Technical Reports (TRs) by industry groups/sectors or other
organizations, including asset owners and service providers, to select/adapt Annex A
requirements that are most appropriate to their specific needs.
Each TR may define one or more profiles, and each profile identifies a subset of the
requirements defined in Annex A and specifies, where necessary, how specific requirements
are to be applied in the environment where they are to be used.
It is anticipated that asset owners will select these profiles to specify the requirements that
apply to their Automation Solutions.
4.2 Maturity model
Table 1 – Maturity levels
Replace, in the fourth column, row for Level 2, the second paragraph that begins with “At this
level, the service provider has…” by the following:
At this level, the service provider has the capability to manage the delivery and performance of the service
according to written policies (including objectives). The service provider also has evidence to show that personnel
who will perform the service have the expertise, are trained, and/or are capable of following written procedures to
perform the service.
5.1 Contents
Insert the following new paragraph between the first paragraph and the note:
Not all requirements apply to all service providers, and asset owners may request service
providers to perform only a subset of the required capabilities specified in Annex A. In
addition, industry sectors, service providers, and asset owners may define their own profiles
that contain a subset of these requirements (see 4.1.4).
5.3 IEC 62264-1 hierarchy model
Replace the first paragraph with the following:
Many of the requirements in Annex A refer to network or application levels in phrases such as
“a wireless handheld device is used in Level 2”. When capitalized, “Level” in this context
refers to the position in the IEC 62264-1 Hierarchy Model. The Level of a referenced object
(e.g. wireless handheld device) is represented by the lowest Level function that it executes.
The zones and conduits model described by IEC 62443-3-2 is referenced by requirements in
Annex A that address, independent of the IEC 62264-1 Hierarchy Model Level, trust
boundaries that subdivide the Automation Solution into partitions referred to as “zones” by
IEC 62443-3-2.
5.5.3 Functional area column
Replace the first paragraph with the following:
This column provides the top level technical organization of the requirements. Table 3
provides a list of the functional areas. The functional areas in this column can be used to
provide a high level summary of the areas in which service providers claim conformance.
However, because the “Architecture” functional area is so broad, its use as a summary level is
– 4 – IEC 62443-2-4:2015/AMD 1:2017
© 2017
limited. Therefore, it is subdivided into three summary levels based on the Topic column (see
5.5.4) values for Architecture as shown below:
Summary Level Topic column
Network Security Devices – Network
Network design
Solution Hardening Devices – All
Devices – Workstations
Risk assessment,
Solution components
Data Protection Data Protection
5.5.7 Requirement description
Add “column” to the title as follows:
Requirement description column
Replace the existing text with the following:
This column contains the textual description of the requirement. It may also contain notes that
are examples provided to help in understanding the requirement.
Each requirement defines a capability required of the service provider. Whether an asset
owner requires the service provider to perform the capability is beyond the scope of this
document.
The term “ensure” is used in many requirements to mean “provide a high level of confidence”.
It is used when the service provider needs to have some means, such as a demonstration,
verification, or process, of providing this level of confidence.
The phrase “commonly accepted by both the security and industrial automation communities”
is used in these requirement descriptions in place of specific security technologies, such as
specific encryption algorithms. This phrase is used to allow evolution of more secure
technologies as a replacement for technologies whose weaknesses have been exposed.
To be compliant to these requirements, service providers will have to use technologies (e.g.
encryption) that are commonly accepted and used by the security and industrial automation
communities at the time compliance is claimed. Technologies that are no longer considered
secure, such as the Digital Encryption Standard (DES) and the Wireless Equivalent Privacy
(WEP) security algorithms, would be non-conformant.
5.5.8 Rationale
Add “column” to the title as follows:
Rationale column
IEC 62443-2-4:2015/AMD 1:2017 – 5 –
© 2017
Annex A – Security requirements
Table A.1 – Security program requirements
Change the text in the “Requirement description” and “Rationale” columns to:
Req ID BR/R Functional Topic Subtopic Doc Requirement description Rationale
E area ?
SP.01.04 BR Solution staffing Background Service provider No The service provider shall have the The capabilities specified by this BR and its REs are
checks capability to ensure that it assigns used to protect the Automation Solution from being
only service provider personnel to staffed with personnel whose trustworthiness may be
Automation Solution related questionable. While the background check cannot
activities who have successfully guarantee trustworthiness, it can identify personnel
passed security-related background who have had trouble with their trustworthiness.
checks, where feasible, and to the
Having this capability means that the service provider
extent allowed by applicable law.
has an identifiable process for verifying the integrity of
the service provider personnel it will assign to work on
the Automation Solution. This requirement also
recognizes that the ability to perform background
checks is not always possible because of applicable
laws or because of lack of support by local authorities
and/or service organizations. For example, there may
be countries that do not prohibit background checks,
but that provide no support for conducting a
background check, making it infeasible or impractical
for the service provider to perform such a check.
How and how often background checks are performed
are left to the service provider. Examples of
background checks include identity verification and
criminal record checks.
– 6 – IEC 62443-2-4:2015/AMD 1:2017
© 2017
Change the text in the “Requirement description” and “Rationale” columns to:
Req ID BR/RE Functional Topic Subtopic Doc Requirement description Rationale
area ?
SP.01.04 RE(1) Solution Background Subcontractor No The service provider shall have the Having this capability means that the service provider
staffing checks capability to ensure that it assigns has an identifiable process for verifying the integrity of
only subcontractors, consultants, the subcontractors, consultants, and representatives of
and representatives to the service provider who will be assigned to work on
Automation Solution related activities the Automation Solution. This requirement also
who have successfully passed recognizes that the ability to perform background
security-related background checks, checks is not always possible because of applicable
where feasible, and to the extent laws or because of lack of support by local authorities
allowed by applicable law. and/or service organizations. For example, there may
be countries that do not prohibit background checks,
but that provide no support for conducting a
background check, making it infeasible or impractical
for the service provider to perform such a check.
How and how often background checks are performed
are left to the service provider. Examples of
background checks include identity verification and
criminal record checks.
See ISO/IEC 27036-3 for additional supply chain
organizational requirements.
IEC 62443-2-4:2015/AMD 1:2017 – 7 –
© 2017
Change the text in the “Requirement description” and “Rationale” columns to:
Req ID BR/RE Functional Topic Subtopic Doc Requirement description Rationale
area ?
SP.01.06 BR Solution Personnel Security lead No The service provider shall have The capability specified by this BR is used to reduce
staffing assignments documented minimum IACS cyber- errors in security decision making and implementation.
security qualifications for security Making poor choices or lacking the ability to properly
lead positio
...
IEC 62443-2-4 ®
Edition 1.0 2017-08
INTERNATIONAL
STANDARD
NORME
INTERNATIONALE
A MENDMENT 1
AM ENDEMENT 1
Security for industrial automation and control systems –
Part 2-4: Security program requirements for IACS service providers
Sécurité des automatismes industriels et des systèmes de commande –
Partie 2-4: Exigences de programme de sécurité pour les fournisseurs de
service IACS
IEC 62443-2-4:2015-06/AMD1:2017-08(en-fr)
All rights reserved. Unless otherwise specified, no part of this publication may be reproduced or utilized in any form
or by any means, electronic or mechanical, including photocopying and microfilm, without permission in writing from
either IEC or IEC's member National Committee in the country of the requester. If you have any questions about IEC
copyright or have an enquiry about obtaining additional rights to this publication, please contact the address below or
your local IEC member National Committee for further information.
Droits de reproduction réservés. Sauf indication contraire, aucune partie de cette publication ne peut être reproduite
ni utilisée sous quelque forme que ce soit et par aucun procédé, électronique ou mécanique, y compris la photocopie
et les microfilms, sans l'accord écrit de l'IEC ou du Comité national de l'IEC du pays du demandeur. Si vous avez des
questions sur le copyright de l'IEC ou si vous désirez obtenir des droits supplémentaires sur cette publication, utilisez
les coordonnées ci-après ou contactez le Comité national de l'IEC de votre pays de résidence.
IEC Central Office Tel.: +41 22 919 02 11
3, rue de Varembé info@iec.ch
CH-1211 Geneva 20 www.iec.ch
Switzerland
About the IEC
The International Electrotechnical Commission (IEC) is the leading global organization that prepares and publishes
International Standards for all electrical, electronic and related technologies.
About IEC publications
The technical content of IEC publications is kept under constant review by the IEC. Please make sure that you have the
latest edition, a corrigendum or an amendment might have been published.
IEC publications search - webstore.iec.ch/advsearchform Electropedia - www.electropedia.org
The advanced search enables to find IEC publications by a The world's leading online dictionary on electrotechnology,
variety of criteria (reference number, text, technical containing more than 22 000 terminological entries in English
committee,…). It also gives information on projects, replaced and French, with equivalent terms in 16 additional languages.
and withdrawn publications. Also known as the International Electrotechnical Vocabulary
(IEV) online.
IEC Just Published - webstore.iec.ch/justpublished
Stay up to date on all new IEC publications. Just Published IEC Glossary - std.iec.ch/glossary
details all new publications released. Available online and 67 000 electrotechnical terminology entries in English and
once a month by email. French extracted from the Terms and Definitions clause of
IEC publications issued since 2002. Some entries have been
IEC Customer Service Centre - webstore.iec.ch/csc collected from earlier publications of IEC TC 37, 77, 86 and
If you wish to give us your feedback on this publication or CISPR.
need further assistance, please contact the Customer Service
Centre: sales@iec.ch.
A propos de l'IEC
La Commission Electrotechnique Internationale (IEC) est la première organisation mondiale qui élabore et publie des
Normes internationales pour tout ce qui a trait à l'électricité, à l'électronique et aux technologies apparentées.
A propos des publications IEC
Le contenu technique des publications IEC est constamment revu. Veuillez vous assurer que vous possédez l’édition la
plus récente, un corrigendum ou amendement peut avoir été publié.
Recherche de publications IEC - Electropedia - www.electropedia.org
webstore.iec.ch/advsearchform Le premier dictionnaire d'électrotechnologie en ligne au
La recherche avancée permet de trouver des publications IEC monde, avec plus de 22 000 articles terminologiques en
en utilisant différents critères (numéro de référence, texte, anglais et en français, ainsi que les termes équivalents dans
comité d’études,…). Elle donne aussi des informations sur les 16 langues additionnelles. Egalement appelé Vocabulaire
projets et les publications remplacées ou retirées. Electrotechnique International (IEV) en ligne.
IEC Just Published - webstore.iec.ch/justpublished Glossaire IEC - std.iec.ch/glossary
Restez informé sur les nouvelles publications IEC. Just 67 000 entrées terminologiques électrotechniques, en anglais
Published détaille les nouvelles publications parues. et en français, extraites des articles Termes et Définitions des
Disponible en ligne et une fois par mois par email. publications IEC parues depuis 2002. Plus certaines entrées
antérieures extraites des publications des CE 37, 77, 86 et
Service Clients - webstore.iec.ch/csc CISPR de l'IEC.
Si vous désirez nous donner des commentaires sur cette
publication ou si vous avez des questions contactez-nous:
sales@iec.ch.
IEC 62443-2-4 ®
Edition 1.0 2017-08
INTERNATIONAL
STANDARD
NORME
INTERNATIONALE
A MENDMENT 1
AM ENDEMENT 1
Security for industrial automation and control systems –
Part 2-4: Security program requirements for IACS service providers
Sécurité des automatismes industriels et des systèmes de commande –
Partie 2-4: Exigences de programme de sécurité pour les fournisseurs de
service IACS
INTERNATIONAL
ELECTROTECHNICAL
COMMISSION
COMMISSION
ELECTROTECHNIQUE
INTERNATIONALE
ICS 25.040.40; 35.110 ISBN 978-2-8322-6486-7
– 2 – IEC 62443-2-4:2015/AMD1:2017
© IEC 2017
FOREWORD
This amendment has been prepared by IEC technical committee 65: Industrial-process
measurement, control and automation.
This bilingual version (20219-02) corresponds to the monolingual English version, published
in 2017-08.
The text of this amendment is based on the following documents:
CDV Report on voting
65/637A/CDV 65/661/RVC
Full information on the voting for the approval of this amendment can be found in the report
on voting indicated in the above table.
The French version of this amendment has not been voted upon.
IMPORTANT – The 'colour inside' logo on the cover page of this publication indicates
that it contains colours which are considered to be useful for the correct
understanding of its contents. Users should therefore print this document using a
colour printer.
_____________
1 Scope
Replace the first paragraph by the following new text:
This part of IEC 62443 specifies a comprehensive set of requirements for security capabilities
for IACS service providers that they can offer to the asset owner during integration and
maintenance activities of an Automation Solution. Because not all requirements apply to all
industry groups and organizations, Subclause 4.1.4 provides for the development of Profiles
that allow for the subsetting of these requirements. Profiles are used to adapt this document
to specific environments, including environments not based on an IACS.
Delete Note 4 and renumber Note 5 to "Note 4".
3.1.14
safety instrumented system
Add the following Note 2 to entry:
Note 2 to entry: Not all industry sectors use this term. This term is not restricted to any specific industry sector,
and it is used generically to refer to systems that enforce functional safety. Other equivalent terms include safety
systems and safety related systems.
© IEC 2017
4.1.4 Profiles
Replace the existing text with the following:
This document recognizes that not all of the requirements in Annex A apply to all industry
sectors/environments. To allow subsetting and adaptation of these requirements, this
document provides for the use of “Profiles”.
Profiles are written as IEC Technical Reports (TRs) by industry groups/sectors or other
organizations, including asset owners and service providers, to select/adapt Annex A
requirements that are most appropriate to their specific needs.
Each TR may define one or more profiles, and each profile identifies a subset of the
requirements defined in Annex A and specifies, where necessary, how specific requirements
are to be applied in the environment where they are to be used.
It is anticipated that asset owners will select these profiles to specify the requirements that
apply to their Automation Solutions.
4.2 Maturity model
Table 1 – Maturity levels
Replace, in the fourth column, row for Level 2, the second paragraph that begins with “At this
level, the service provider has…” by the following:
At this level, the service provider has the capability to manage the delivery and performance of the service
according to written policies (including objectives). The service provider also has evidence to show that personnel
who will perform the service have the expertise, are trained, and/or are capable of following written procedures to
perform the service.
5.1 Contents
Insert the following new paragraph between the first paragraph and the note:
Not all requirements apply to all service providers, and asset owners may request service
providers to perform only a subset of the required capabilities specified in Annex A. In
addition, industry sectors, service providers, and asset owners may define their own profiles
that contain a subset of these requirements (see 4.1.4).
5.3 IEC 62264-1 hierarchy model
Replace the first paragraph with the following:
Many of the requirements in Annex A refer to network or application levels in phrases such as
“a wireless handheld device is used in Level 2”. When capitalized, “Level” in this context
refers to the position in the IEC 62264-1 Hierarchy Model. The Level of a referenced object
(e.g. wireless handheld device) is represented by the lowest Level function that it executes.
The zones and conduits model described by IEC 62443-3-2 is referenced by requirements in
Annex A that address, independent of the IEC 62264-1 Hierarchy Model Level, trust
boundaries that subdivide the Automation Solution into partitions referred to as “zones” by
IEC 62443-3-2.
– 4 – IEC 62443-2-4:2015/AMD1:2017
© IEC 2017
5.5.3 Functional area column
Replace the first paragraph with the following:
This column provides the top level technical organization of the requirements. Table 3
provides a list of the functional areas. The functional areas in this column can be used to
provide a high level summary of the areas in which service providers claim conformance.
However, because the “Architecture” functional area is so broad, its use as a summary level is
limited. Therefore, it is subdivided into three summary levels based on the Topic column (see
5.5.4) values for Architecture as shown below:
Summary Level Topic column
Network Security Devices – Network
Network design
Solution Hardening Devices – All
Devices – Workstations
Risk assessment,
Solution components
Data Protection Data Protection
5.5.7 Requirement description
Add “column” to the title as follows:
Requirement description column
Replace the existing text with the following:
This column contains the textual description of the requirement. It may also contain notes that
are examples provided to help in understanding the requirement.
Each requirement defines a capability required of the service provider. Whether an asset
owner requires the service provider to perform the capability is beyond the scope of this
document.
The term “ensure” is used in many requirements to mean “provide a high level of confidence”.
It is used when the service provider needs to have some means, such as a demonstration,
verification, or process, of providing this level of confidence.
The phrase “commonly accepted by both the security and industrial automation communities”
is used in these requirement descriptions in place of specific security technologies, such as
specific encryption algorithms. This phrase is used to allow evolution of more secure
technologies as a replacement for technologies whose weaknesses have been exposed.
To be compliant to these requirements, service providers will have to use technologies (e.g.
encryption) that are commonly accepted and used by the security and industrial automation
communities at the time compliance is claimed. Technologies that are no longer considered
secure, such as the Digital Encryption Standard (DES) and the Wireless Equivalent Privacy
(WEP) security algorithms, would be non-conformant.
© IEC 2017
5.5.8 Rationale
Add “column” to the title as follows:
Rationale column
– 6 – IEC 62443-2-4:2015/AMD1:2017
© IEC 2017
Annex A – Security requirements
Table A.1 – Security program requirements
Change the text in the “Requirement description” and “Rationale” columns to:
Req ID BR/R Functional Topic Subtopic Doc Requirement description Rationale
E area ?
SP.01.04 BR Solution staffing Background Service provider No The service provider shall have the The capabilities specified by this BR and its REs are
checks capability to ensure that it assigns used to protect the Automation Solution from being
only service provider personnel to staffed with personnel whose trustworthiness may be
Automation Solution related questionable. While the background check cannot
activities who have successfully guarantee trustworthiness, it can identify personnel
passed security-related background who have had trouble with their trustworthiness.
checks, where feasible, and to the
Having this capability means that the service provider
extent allowed by applicable law.
has an identifiable process for verifying the integrity of
the service provider personnel it will assign to work on
the Automation Solution. This requirement also
recognizes that the ability to perform background
checks is not always possible because of applicable
laws or
...
Questions, Comments and Discussion
Ask us and Technical Secretary will try to provide an answer. You can facilitate discussion about the standard in here.