Industrial Internet Security Framework v 1.0 | Page 126

Security Framework
Annex A: Industrial Security Standards
functions have traditionally been tightly coupled in industrial systems. Therefore, updates, upgrades or bug fixes could potentially require recertification according to the regulations (e.g., IEC 61508 or ISO 13849¹) with the inclusion of notified bodies.
An example is the challenge presented by security updates for devices that have to be compliant with European Machinery Directive 2006/42/EC². Since December 2009, this directive has been binding in all member states of the European Union (EU). Only machines that comply with the directive may be sold within the EU. Original equipment manufacturers (OEMs) are responsible for this compliance. They must document the functional safety of every machine and must include the documentation in the delivery. The affixing of the CE marking on the machine symbolizes the self-declaration by the manufacturer that he is convinced that all the essential health and safety requirements of the relevant EC directives are met.³ As a consequence of the machinery directive, any update, upgrade or bug fix of the software or firmware that affects the safety aspects is only possible according to the steps following CE conformity; otherwise the safety certification is voided.
The advent of the Industrial Internet certainly adds to the challenges posed by the combination of safety, security, and compliance requirements. Moving towards newer scalable regulatory paradigms⁴, in addition to utilizing techniques for proper separation of safety, security and operational functions, would pave the way for addressing those challenges.
A.2 COMMON STANDARDS AND REGULATION
The International Electrotechnical Commission (IEC) publishes the IEC 62443⁵ series of standards for industrial automation and control systems security. The series broadly encompasses the concepts of manufacturing and control systems electronic security, covering different types of systems, facilities, and plants in various industries.
Presently, the series of standards under IEC 62443 comprises four groups. Group 1, labeled ‘General,’ presents a standardized terminology and aims at providing consistent models, references and metrics referred to by other groups. Policies and procedures for the creation of effective Industrial Automation and Control Systems (IACS) security programs are discussed in Group 2, labeled ‘Policies & Procedures.’ Group 3, labeled ‘System,’ covers cybersecurity technologies, design methodologies, assessment approaches, security requirements and assurance levels. Requirements for a secure development lifecycle for IACS and secure component development are discussed in Group 4, labeled ‘Component.’ As an example, IEC 62443-2-4
¹ See [IEC-61508] and [ISO-13849]
² See [EU-2006/42]
³ See [EU-CE]
⁴ A good example can be found in FDA’s draft guidance on post-market management of cybersecurity in medical devices. The document develops the concept ‘cybersecurity routine updates and patches’, pointing out that they do not need to be reported under [FDA-CFR-21].
⁵ See [IEC-62443-11]
IIC:PUB:G4:V1.0:PB:20160926 - 126 -