iTeh StandardsiTeh Standards
EURUSD
Your shopping cart is empty.
IEC

IEC 62443-4-1:2018

(Main)

Security for industrial automation and control systems - Part 4-1: Secure product development lifecycle requirements

Security for industrial automation and control systems - Part 4-1: Secure product development lifecycle requirements

IEC 62443-4:2018 specifies the process requirements for the secure development of products used in industrial automation and control systems. This specification is part of a series of standards that addresses the issue of security for industrial automation and control systems (IACS). IEC 62443-4 defines secure development life-cycle (SDL) requirements related to cyber security for products intended for use in the industrial automation and control systems environment and provides guidance on how to meet the requirements described for each element. The life-cycle description includes security requirements definition, secure design, secure implementation (including coding guidelines), verification and validation, defect management, patch management and product end-of-life. These requirements can be applied to new or existing processes for developing, maintaining and retiring hardware, software or firmware.
Note that these requirements only apply to the developer and maintainer of the product, and are not applicable to the integrator or the user of the product. A summary list of the requirements is provided in Annex B.

Sécurité des automatismes industriels et des systèmes de commande - Partie 4-1: Exigences relatives au cycle de développement<br /> de produit sécurisé

L'IEC 62443-4:2018 spécifie les exigences relatives au processus de développement sécurisé des produits utilisés dans des systèmes d'automatisation et de commande industriels. Elle définit un cycle de développement sécurisé (SDL – secure development life-cycle) en vue de développer et d'assurer la sécurité des produits. Ce cycle inclut la définition des exigences de sécurité, la conception sécurisée, la mise en œuvre sécurisée (y compris les lignes directrices en matière de codage), la vérification et la validation, la gestion des défauts, la gestion des correctifs et la fin de vie du produit. Ces exigences peuvent être appliquées à des processus nouveaux ou existants pour le développement, la maintenance et le retrait des matériels, logiciels et micrologiciels destinés aux produits nouveaux ou existants. Elles s'appliquent au développeur et au chargé de maintenance du produit, mais pas à l'intégrateur ni à l'utilisateur du produit. Une liste récapitulative des exigences du présent document peut être consultée à l'Annexe B.

General Information

Status
Published
Publication Date
14-Jan-2018
ICS
01 - GENERALITIES. TERMINOLOGY. STANDARDIZATION. DOCUMENTATION
25.040.40 - Industrial process measurement and control
35.030 - IT Security
Technical Committee
TC 65 - Industrial-process measurement, control and automation
Drafting Committee
WG 10 - TC 65/WG 10
Current Stage
PPUB - Publication issued
Start Date
02-Feb-2018
Completion Date
15-Jan-2018
Ref Project

Buy Standard

IEC 62443-4-1:2018 - Security for industrial automation and control systems - Part 4-1: Secure product development lifecycle requirementsIEC 62443-4-1:2018 - Security for industrial automation and control systems - Part 4-1: Secure product development lifecycle requirements
PreviousNext
Standard
IEC 62443-4-1:2018 - Security for industrial automation and control systems - Part 4-1: Secure product development lifecycle requirements
English language
54 pages
sale 15% off
Preview
sale 15% off
Preview
IEC 62443-4-1:2018 - Security for industrial automation and control systems - Part 4-1: Secure product development lifecycle requirementsIEC 62443-4-1:2018 - Security for industrial automation and control systems - Part 4-1: Secure product development lifecycle requirements
PreviousNext
Standard
IEC 62443-4-1:2018 - Security for industrial automation and control systems - Part 4-1: Secure product development lifecycle requirements
English and French language
112 pages
sale 15% off
Preview
sale 15% off
Preview

Standards Content (Sample)

IEC 62443-4-1
®

Edition 1.0 2018-01
INTERNATIONAL
STANDARD

colour
inside


Security for industrial automation and control systems –
Part 4-1: Secure product development lifecycle requirements

IEC 62443-4-1:2018-01(en)

---------------------- Page: 1 ----------------------
THIS PUBLICATION IS COPYRIGHT PROTECTED
Copyright © 2018 IEC, Geneva, Switzerland

All rights reserved. Unless otherwise specified, no part of this publication may be reproduced or utilized in any form
or by any means, electronic or mechanical, including photocopying and microfilm, without permission in writing from
either IEC or IEC's member National Committee in the country of the requester. If you have any questions about IEC
copyright or have an enquiry about obtaining additional rights to this publication, please contact the address below or
your local IEC member National Committee for further information.


IEC Central Office Tel.: +41 22 919 02 11
3, rue de Varembé info@iec.ch
CH-1211 Geneva 20 www.iec.ch
Switzerland

About the IEC
The International Electrotechnical Commission (IEC) is the leading global organization that prepares and publishes
International Standards for all electrical, electronic and related technologies.

About IEC publications
The technical content of IEC publications is kept under constant review by the IEC. Please make sure that you have the
latest edition, a corrigenda or an amendment might have been published.

IEC Catalogue - webstore.iec.ch/catalogue Electropedia - www.electropedia.org
The stand-alone application for consulting the entire The world's leading online dictionary of electronic and
bibliographical information on IEC International Standards, electrical terms containing 21 000 terms and definitions in
Technical Specifications, Technical Reports and other English and French, with equivalent terms in 16 additional
documents. Available for PC, Mac OS, Android Tablets and languages. Also known as the International Electrotechnical
iPad. Vocabulary (IEV) online.

IEC publications search - webstore.iec.ch/advsearchform IEC Glossary - std.iec.ch/glossary
The advanced search enables to find IEC publications by a 67 000 electrotechnical terminology entries in English and
variety of criteria (reference number, text, technical French extracted from the Terms and Definitions clause of
committee,…). It also gives information on projects, replaced IEC publications issued since 2002. Some entries have been
and withdrawn publications. collected from earlier publications of IEC TC 37, 77, 86 and

CISPR.
IEC Just Published - webstore.iec.ch/justpublished

Stay up to date on all new IEC publications. Just Published IEC Customer Service Centre - webstore.iec.ch/csc
details all new publications released. Available online and If you wish to give us your feedback on this publication or
also once a month by email. need further assistance, please contact the Customer Service
Centre: sales@iec.ch.

---------------------- Page: 2 ----------------------
IEC 62443-4-1

®


Edition 1.0 2018-01




INTERNATIONAL



STANDARD








colour

inside










Security for industrial automation and control systems –

Part 4-1: Secure product development lifecycle requirements



























INTERNATIONAL

ELECTROTECHNICAL


COMMISSION





ISBN 978-2-8322-5239-0
ICS 25.040.40; 35.030




  Warning! Make sure that you obtained this publication from an authorized distributor.


® Registered trademark of the International Electrotechnical Commission

---------------------- Page: 3 ----------------------
– 2 – IEC 62443-4-1:2018 © IEC 2018
CONTENTS
FOREWORD . 6
INTRODUCTION . 8
1 Scope . 11
2 Normative references . 11
3 Terms, definitions, abbreviated terms, acronyms and conventions . 11
3.1 Terms and definitions . 11
3.2 Abbreviated terms and acronyms . 16
3.3 Conventions . 17
4 General principles . 17
4.1 Concepts .
...

IEC 62443-4-1
®

Edition 1.0 2018-01
INTERNATIONAL
STANDARD
NORME
INTERNATIONALE
colour
inside


Security for industrial automation and control systems –
Part 4-1: Secure product development lifecycle requirements

Sécurité des automatismes industriels et des systèmes de commande –
Partie 4-1: Exigences relatives au cycle de développement de produit sécurisé

IEC 62443-4-1:2018-01(en-fr)

---------------------- Page: 1 ----------------------
THIS PUBLICATION IS COPYRIGHT PROTECTED
Copyright © 2018 IEC, Geneva, Switzerland

All rights reserved. Unless otherwise specified, no part of this publication may be reproduced or utilized in any form
or by any means, electronic or mechanical, including photocopying and microfilm, without permission in writing from
either IEC or IEC's member National Committee in the country of the requester. If you have any questions about IEC
copyright or have an enquiry about obtaining additional rights to this publication, please contact the address below or
your local IEC member National Committee for further information.


Droits de reproduction réservés. Sauf indication contraire, aucune partie de cette publication ne peut être reproduite
ni utilisée sous quelque forme que ce soit et par aucun procédé, électronique ou mécanique, y compris la photocopie
et les microfilms, sans l'accord écrit de l'IEC ou du Comité national de l'IEC du pays du demandeur. Si vous avez des
questions sur le copyright de l'IEC ou si vous désirez obtenir des droits supplémentaires sur cette publication, utilisez
les coordonnées ci-après ou contactez le Comité national de l'IEC de votre pays de résidence.

IEC Central Office Tel.: +41 22 919 02 11
3, rue de Varembé info@iec.ch
CH-1211 Geneva 20 www.iec.ch
Switzerland

About the IEC
The International Electrotechnical Commission (IEC) is the leading global organization that prepares and publishes
International Standards for all electrical, electronic and related technologies.

About IEC publications
The technical content of IEC publications is kept under constant review by the IEC. Please make sure that you have the
latest edition, a corrigendum or an amendment might have been published.

IEC publications search - webstore.iec.ch/advsearchform Electropedia - www.electropedia.org
The advanced search enables to find IEC publications by a The world's leading online dictionary on electrotechnology,
variety of criteria (reference number, text, technical containing more than 22 000 terminological entries in English
committee,…). It also gives information on projects, replaced and French, with equivalent terms in 16 additional languages.
and withdrawn publications. Also known as the International Electrotechnical Vocabulary

(IEV) online.
IEC Just Published - webstore.iec.ch/justpublished
Stay up to date on all new IEC publications. Just Published IEC Glossary - std.iec.ch/glossary
details all new publications released. Available online and 67 000 electrotechnical terminology entries in English and
once a month by email. French extracted from the Terms and Definitions clause of
IEC publications issued since 2002. Some entries have been
IEC Customer Service Centre - webstore.iec.ch/csc collected from earlier publications of IEC TC 37, 77, 86 and
If you wish to give us your feedback on this publication or CISPR.

need further assistance, please contact the Customer Service

Centre: sales@iec.ch.


A propos de l'IEC
La Commission Electrotechnique Internationale (IEC) est la première organisation mondiale qui élabore et publie des
Normes internationales pour tout ce qui a trait à l'électricité, à l'électronique et aux technologies apparentées.

A propos des publications IEC
Le contenu technique des publications IEC est constamment revu. Veuillez vous assurer que vous possédez l’édition la
plus récente, un corrigendum ou amendement peut avoir été publié.

Recherche de publications IEC - Electropedia - www.electropedia.org
webstore.iec.ch/advsearchform Le premier dictionnaire d'électrotechnologie en ligne au
La recherche avancée permet de trouver des publications IEC monde, avec plus de 22 000 articles terminologiques en
en utilisant différents critères (numéro de référence, texte, anglais et en français, ainsi que les termes équivalents dans
comité d’études,…). Elle donne aussi des informations sur les 16 langues additionnelles. Egalement appelé Vocabulaire
projets et les publications remplacées ou retirées. Electrotechnique International (IEV) en ligne.

IEC Just Published - webstore.iec.ch/justpublished Glossaire IEC - std.iec.ch/glossary
Restez informé sur les nouvelles publications IEC. Just 67 000 entrées terminologiques électrotechniques, en anglais
Published détaille les nouvelles publications parues. et en français, extraites des articles Termes et Définitions des
Disponible en ligne et une fois par mois par email. publications IEC parues depuis 2002. Plus certa
...

Questions, Comments and Discussion

Ask us and Technical Secretary will try to provide an answer. You can facilitate discussion about the standard in here.

This May Also Interest You

IEC
IEC 62443-3-2:2020(Main)
Security for industrial automation and control systems - Part 3-2: Security risk assessment for system design

IEC 62443-3-2:2020 establishes requirements for:
• defining a system under consideration (SUC) for an industrial automation and control system (IACS);
• partitioning the SUC into zones and conduits;
• assessing risk for each zone and conduit;
• establishing the target security level (SL-T) for each zone and conduit; and
• documenting the security requirements.

  • Standard
    31 pages
    English language
    sale 15% off
  • Standard
    63 pages
    English and French language
    sale 15% off
IEC
IEC 62443-4-2:2019(Main)
Security for industrial automation and control systems - Part 4-2: Technical security requirements for IACS components

IEC 62443-4-2:2019 provides detailed technical control system component requirements (CRs) associated with the seven foundational requirements (FRs) described in IEC TS 62443-1-1 including defining the requirements for control system capability security levels and their components, SL-C(component).
As defined in IEC TS 62443-1-1 there are a total of seven foundational requirements (FRs):
a) identification and authentication control (IAC),
b) use control (UC),
c) system integrity (SI),
d) data confidentiality (DC),
e) restricted data flow (RDF),
f) timely response to events (TRE), and
g) resource availability (RA).
These seven FRs are the foundation for defining control system security capability levels. Defining security capability levels for the control system component is the goal and objective of this document as opposed to SL-T or achieved SLs (SL-A), which are out of scope.
The contents of the corrigendum of August 2022 have been included in this copy.

  • Standard
    192 pages
    English and French language
    sale 15% off
IEC
IEC 62443-3-2:2020(Main)
Security for industrial automation and control systems - Part 3-2: Security risk assessment for system design

IEC 62443-3-2:2020 establishes requirements for:
• defining a system under consideration (SUC) for an industrial automation and control system (IACS);
• partitioning the SUC into zones and conduits;
• assessing risk for each zone and conduit;
• establishing the target security level (SL-T) for each zone and conduit; and
• documenting the security requirements.

  • Standard
    31 pages
    English language
    sale 15% off
  • Standard
    63 pages
    English and French language
    sale 15% off
IEC
IEC 62443-4-2:2019(Main)
Security for industrial automation and control systems - Part 4-2: Technical security requirements for IACS components

IEC 62443-4-2:2019 provides detailed technical control system component requirements (CRs) associated with the seven foundational requirements (FRs) described in IEC TS 62443-1-1 including defining the requirements for control system capability security levels and their components, SL-C(component).
As defined in IEC TS 62443-1-1 there are a total of seven foundational requirements (FRs):
a) identification and authentication control (IAC),
b) use control (UC),
c) system integrity (SI),
d) data confidentiality (DC),
e) restricted data flow (RDF),
f) timely response to events (TRE), and
g) resource availability (RA).
These seven FRs are the foundation for defining control system security capability levels. Defining security capability levels for the control system component is the goal and objective of this document as opposed to SL-T or achieved SLs (SL-A), which are out of scope.
The contents of the corrigendum of August 2022 have been included in this copy.

  • Standard
    192 pages
    English and French language
    sale 15% off
IEC
IEC 62386-104:2019/AMD1:2023(Amendment)
Amendment 1 - Digital addressable lighting interface - Part 104: General requirements - Wireless and alternative wired system components
  • Standard
    6 pages
    English and French language
    sale 15% off
IEC
IEC 62977-2-11:2023(Main)
Electronic displays - Part 2-11: Measurement of optical characteristics - Local luminance and uniformity

IEC 62977-2-11:2023 specifies the local luminance and uniformity measurement methods of emissive displays. The light measuring device’s (LMD) measurement field will cover more than 500 pixels of TVs, monitors or signage displays. The local luminance and uniformity measurement methods identify optical variations within the local block where over 500 emission pixels are regularly placed.

  • Standard
    20 pages
    English language
    sale 15% off
IEC
IEC 61851-24:2023(Main)
Electric vehicle conductive charging system - Part 24: Digital communication between a DC EV supply equipment and an electric vehicle for control of DC charging

IEC 61851-24:2023, together with IEC 61851-23, applies to digital communication between a DC EV supply equipment and an electric road vehicle (EV) for control of conductive DC power transfer, with a rated supply voltage up to 1 000 V AC or up to 1 500 V DC and a rated output voltage up to 1 500 V DC.
This document also applies to digital communication between the DC EV charging/discharging station and the EV for system A, as specified in Annex A.
The EV charging mode is mode 4, according to IEC 61851-23.
Annex A, Annex B, and Annex C give descriptions of digital communications for control of DC charging specific to DC EV charging systems A, B and C as defined in IEC 61851-23.
This second edition cancels and replaces the first edition published in 2014. This edition constitutes a technical revision.
This edition includes the following significant technical changes with respect to the previous edition:
- Annex A and Annex B have been updated in line with IEC 61851-23:2023 and relevant standards.

  • Standard
    105 pages
    English and French language
    sale 15% off
IEC
IEC 61851-23:2023(Main)
Electric vehicle conductive charging system - Part 23: DC electric vehicle supply equipment

IEC 61851-23:2023 applies to the EV supply equipment to provide energy transfer between the supply network and electric vehicles (EVs), with a rated maximum voltage at side A of up to 1 000 V AC or up to 1 500 V DC and a rated maximum voltage at side B up to 1 500 V DC.
This document specifies the EV supply equipment of system A, system B and system C as defined in Annex AA, Annex BB and Annex CC. Other systems are under consideration.
This document provides the requirements for bidirectional power transfer (BPT) EV supply equipment for system A, with a rated maximum voltage at side A up to 1 000 V AC or 1 500 V DC. The requirements for reverse power transfer (RPT) and BPT for system B and system C are under consideration and are not specified in this document.
This second edition cancels and replaces the first edition published in 2014. This edition constitutes a technical revision. This edition includes the following significant technical changes with respect to the previous edition:
a) the structure has been rearranged according to IEC 61851-1:2017;
b) electrical safety requirements in Clause 8 and Clause 12 have been revised based on the requirements in IEC 62477-1 and inspired by the hazard based safety approach of IEC 62368-1;
c) test methods for checking conformity to the stated requirements have been mostly added; general provisions for compliance tests have been specified in Clause 102;
d) specific requirements and/or information for the following functions have been added: energy transfer with thermal management system (101.2), bi-directional power transfer control (Annex DD), multi- side B separated EV supply equipment (Annex FF), and communication and energy transfer process (Annex GG);
e) Annex AA (system A), Annex BB (system B) and Annex CC (system C) have been updated including additions in conjunction with b) and c). This document has been limited to be applicable to system A, system B and system C;
f) the former Annex DD and Annex EE have been deleted. A new Annex EE, with the requirements for the artificial test load, has been added.
g) a new informative annex for the touch current and the touch impulse current (Annex HH) has been added

  • Standard
    383 pages
    English language
    sale 15% off
IEC
IEC 60228:2023(Main)
Conductors of insulated cables

IEC 60228:2023 specifies the nominal cross-sectional areas, in the range 0,5 mm2 to 3 500 mm2, for conductors in electric power cables and cords of a wide range of types. Requirements for numbers and sizes of wires and resistance values are also included. These conductors include solid, stranded and Milliken, copper, aluminium and aluminium alloy conductors in cables for fixed installations and flexible copper conductors. This document does not apply to conductors for telecommunication purposes. The applicability of this document to a particular type of cable is as specified in the standard for the type of cable. Unless specified otherwise in a particular clause, IEC 60028 ED4 relates to the conductors in the finished cable and not to the conductor as made or supplied for inclusion into a cable. Conductors described in this document are specified in metric sizes. Informative annexes provide supplementary information covering temperature correction factors for resistance measurement (Annex B) and guidance on dimensional limits of circular conductors (Annex C). This document has the status of a horizontal publication in accordance with IEC Guide 108.

  • Standard
    70 pages
    English language
    sale 15% off
IEC
IEC 62056-6-1:2023(Main)
Electricity metering data exchange - The DLMS®/COSEM suite - Part 6-1: Object Identification System (OBIS)

IEC 62056-6-1:2023 is available as IEC 62056-6-1:2023 RLV which contains the International Standard and its Redline version, showing all changes of the technical content compared to the previous edition.IEC 62056-6-1:2023 specifies the overall structure of the OBject Identification System (OBIS) and the mapping of all commonly used data items in metering equipment to their identification codes.OBIS provides a unique identifier for all data within the metering equipment, including not only measurement values, but also abstract values used for configuration or obtaining information about the behaviour of the metering equipment. The ID codes defined in this document are used for the identification of:
- logical names of the various instances of the ICs, or objects, as defined in IEC 62056‑6‑2:2023;
- data transmitted through communication lines;
- data displayed on the metering equipment, see Clause A.2 in Annex A.
This document applies to all types of metering equipment, such as fully integrated meters, modular meters, tariff attachments, data concentrators, etc.
To cover metering equipment measuring energy types other than electricity, combined metering equipment measuring more than one type of energy or metering equipment with several physical measurement channels, the concepts of medium and channels are introduced. This allows meter data originating from different sources to be identified. While this document fully defines the structure of the identification system for other media, the mapping of non-electrical energy related data items to ID codes is completed separately
This fourth edition cancels and replaces the third edition of IEC 62056-6-1, published in 2017. This edition constitutes a technical revision. The main technical changes with respect to the previous edition are listed in Annex B (informative).

  • Standard
    87 pages
    English and French language
    sale 15% off