IEC TR 63074:2019
(Main)Safety of machinery - Security aspects related to functional safety of safety-related control systems
Safety of machinery - Security aspects related to functional safety of safety-related control systems
IEC TR 63074:2019 gives guidance on the use of IEC 62443 (all parts) related to those aspects of security threats and vulnerabilities that could influence functional safety implemented and realized by safety-related control systems (SCS) and could lead to the loss of the ability to maintain safe operation of a machine.
Considered security aspects of the machine with potential relation to SCS are:
– vulnerabilities of the SCS either directly or indirectly through the other parts of the machine which can be exploited by security threats that can result in security attacks (security breach);
– influence on the safety characteristics and ability of the SCS to properly perform its function(s);
– typical use case definition and application of a corresponding threat model.
General Information
Relations
Standards Content (Sample)
IEC TR 63074 ®
Edition 1.0 2019-05
TECHNICAL
REPORT
colour
inside
Safety of machinery – Security aspects related to functional safety of safety-
related control systems
All rights reserved. Unless otherwise specified, no part of this publication may be reproduced or utilized in any form
or by any means, electronic or mechanical, including photocopying and microfilm, without permission in writing from
either IEC or IEC's member National Committee in the country of the requester. If you have any questions about IEC
copyright or have an enquiry about obtaining additional rights to this publication, please contact the address below or
your local IEC member National Committee for further information.
IEC Central Office Tel.: +41 22 919 02 11
3, rue de Varembé info@iec.ch
CH-1211 Geneva 20 www.iec.ch
Switzerland
About the IEC
The International Electrotechnical Commission (IEC) is the leading global organization that prepares and publishes
International Standards for all electrical, electronic and related technologies.
About IEC publications
The technical content of IEC publications is kept under constant review by the IEC. Please make sure that you have the
latest edition, a corrigendum or an amendment might have been published.
IEC publications search - webstore.iec.ch/advsearchform Electropedia - www.electropedia.org
The advanced search enables to find IEC publications by a The world's leading online dictionary on electrotechnology,
variety of criteria (reference number, text, technical containing more than 22 000 terminological entries in English
committee,…). It also gives information on projects, replaced and French, with equivalent terms in 16 additional languages.
and withdrawn publications. Also known as the International Electrotechnical Vocabulary
(IEV) online.
IEC Just Published - webstore.iec.ch/justpublished
Stay up to date on all new IEC publications. Just Published IEC Glossary - std.iec.ch/glossary
details all new publications released. Available online and 67 000 electrotechnical terminology entries in English and
once a month by email. French extracted from the Terms and Definitions clause of
IEC publications issued since 2002. Some entries have been
IEC Customer Service Centre - webstore.iec.ch/csc collected from earlier publications of IEC TC 37, 77, 86 and
If you wish to give us your feedback on this publication or CISPR.
need further assistance, please contact the Customer Service
Centre: sales@iec.ch.
IEC TR 63074 ®
Edition 1.0 2019-05
TECHNICAL
REPORT
colour
inside
Safety of machinery – Security aspects related to functional safety of safety-
related control systems
INTERNATIONAL
ELECTROTECHNICAL
COMMISSION
ICS 13.110; 29.020 ISBN 978-2-8322-6818-6
– 2 – IEC TR 63074:2019 © IEC 2019
CONTENTS
FOREWORD . 3
INTRODUCTION . 5
1 Scope . 6
2 Normative references . 6
3 Terms and definitions . 6
4 Safety and security overview . 10
4.1 General . 10
4.2 Safety objectives . 10
4.3 Security objectives . 11
5 Security aspects related to functional safety . 13
5.1 General . 13
5.1.1 Security risk assessment . 13
5.1.2 Security risk response strategy . 14
5.2 Security countermeasures . 14
5.2.1 General . 14
5.2.2 Identification and authentication . 16
5.2.3 Use control . 16
5.2.4 System integrity . 16
5.2.5 Data confidentiality . 16
5.2.6 Restricted data flow . 17
5.2.7 Timely response to events . 17
5.2.8 Resource availability . 17
6 Verification and maintenance of security countermeasures . 17
7 Information for the user of the machine(s) . 17
Annex A (informative) Basic information related to threats and threat modelling
approach . 18
A.1 Evaluation of threats . 18
A.2 Examples of threat related to a safety-related device . 19
Annex B (informative) Security risk assessment triggers . 21
B.1 General . 21
B.2 Event driven triggers . 21
Annex C (informative) Example of information flow between device supplier,
manufacturer of machine (integrator) and end user of machine . 22
C.1 General . 22
C.2 Example. 22
Bibliography . 23
Figure 1 – Relationship between threat(s), vulnerabilities, consequence(s) and security
risk(s) for SCS performing safety function(s) . 12
Figure 2 – Possible effects of security risk(s) to a SCS . 12
Figure A.1 –Safety-related device and possible accesses . 20
Figure C.1 – Example of information flow during design phase . 22
Table 1 – Overview of foundational requirements and possible influence(s) on a SCS . 15
INTERNATIONAL ELECTROTECHNICAL COMMISSION
____________
SAFETY OF MACHINERY –
SECURITY ASPECTS RELATED TO FUNCTIONAL
SAFETY OF SAFETY-RELATED CONTROL SYSTEMS
FOREWORD
1) The International Electrotechnical Commission (IEC) is a worldwide organization for standardization comprising
all national electrotechnical committees (IEC National Committees). The object of IEC is to promote
international co-operation on all questions concerning standardization in the electrical and electronic fields. To
this end and in addition to other activities, IEC publishes International Standards, Technical Specifications,
Technical Reports, Publicly Available Specifications (PAS) and Guides (hereafter referred to as "IEC
Publication(s)"). Their preparation is entrusted to technical committees; any IEC National Committee interested
in the subject dealt with may participate in this preparatory work. International, governmental and non-
governmental organizations liaising with the IEC also participate in this preparation. IEC collaborates closely
with the International Organization for Standardization (ISO) in accordance with conditions determined by
agreement between the two organizations.
2) The formal decisions or agreements of IEC on technical matters express, as nearly as possible, an international
consensus of opinion on the relevant subjects since each technical committee has representation from all
interested IEC National Committees.
3) IEC Publications have the form of recommendations for international use and are accepted by IEC National
Committees in that sense. While all reasonable efforts are made to ensure that the technical content of IEC
Publications is accurate, IEC cannot be held responsible for the way in which they are used or for any
misinterpretation by any end user.
4) In order to promote international uniformity, IEC National Committees undertake to apply IEC Publications
transparently to the maximum extent possible in their national and regional publications. Any divergence
between any IEC Publication and the corresponding national or regional publication shall be clearly indicated in
the latter.
5) IEC itself does not provide any attestation of conformity. Independent certification bodies provide conformity
assessment services and, in some areas, access to IEC marks of conformity. IEC is not responsible for any
services carried out by independent certification bodies.
6) All users should ensure that they have the latest edition of this publication.
7) No liability shall attach to IEC or its directors, employees, servants or agents including individual experts and
members of its technical committees and IEC National Committees for any personal injury, property damage or
other damage of any nature whatsoever, whether direct or indirect, or for costs (including legal fees) and
expenses arising out of the publication, use of, or reliance upon, this IEC Publication or any other IEC
Publications.
8) Attention is drawn to the Normative references cited in this publication. Use of the referenced publications is
indispensable for the correct application of this publication.
9) Attention is drawn to the possibility that some of the elements of this IEC Publication may be the subject of
patent rights. IEC shall not be held responsible for identifying any or all such patent rights.
The main task of IEC technical committees is to prepare International Standards. However, a
technical committee may propose the publication of a technical report when it has collected
data of a different kind from that which is normally published as an International Standard, for
example "state of the art".
Technical Report IEC TR 63074 has been prepared by IEC technical committee 44: Safety of
machinery – Electrotechnical aspects.
The text of this Technical Report is based on the following documents:
DTR Report on voting
44/842/DTR 44/843/RVDTR
Full information on the voting for the approval of this Technical Report can be found in the
report on voting indicated in the above table.
– 4 – IEC TR 63074:2019 © IEC 2019
This publication has been drafted in accordance with the ISO/IEC Directives, Part 2.
The committee has decided that the contents of this publication will remain unchanged until
the stability date indicated on the IEC web site under "http://webstore.iec.ch" in the data
related to the specific publication. At this date, the publication will be
• reconfirmed,
• withdrawn,
• replaced by a revised edition, or
• amended.
A bilingual version of this publication may be issued at a later date.
IMPORTANT – The 'colour inside' logo on the cover page of this publication indicates
that it contains colours which are considered to be useful for the correct
understanding of its contents. Users should therefore print this document using a
colour printer.
INTRODUCTION
Industrial automation systems can be exposed to security attacks due to the fact that:
– access to the control system is possible, e.g. re-programming of machine functions
(including safety);
– "convergence" between standard IT and industrial systems is increasing;
– operating systems have become present in embedded systems, e.g. IP-based protocols
are replacing proprietary network protocols and data is exchanged directly from the
SCADA network into the office world;
– software is developed by reusing existing third party software components;
– remote access from suppliers has become the standard way of operations / maintenance,
with an increased cyber security risk regarding e.g. unauthorized access, availability and
integrity.
As part of an industrial automation system, safety-related control systems of machines can
also be subject to security attacks that can result in a loss of the ability to maintain safe
operation of a machine.
NOTE 1 The risk potential of attack opportunities is significant seeing the trends and developments of threats and
the amount of known vulnerabilities. Security objectives are mainly described in terms of confidentiality, integrity
and availability, which in general need to be identified and prioritized by using a risk based approach.
Functional safety objectives consider the risk by estimating the severity of harm and the
probability of o
...
Questions, Comments and Discussion
Ask us and Technical Secretary will try to provide an answer. You can facilitate discussion about the standard in here.