Increasingly more industries and countries have recognized the need to harmonize with international standards rather than continuing to create competitive sector specific or country specific standards. The global economy and supply chains have increasingly become homogenous. The old days of many disparate choices with no integration still exist at some level in field operations but increasingly common protocols like MQTT, OPC UA, BACnet, PROFINET, Modbus, CIP ENIP, and web protocols with APIs are closing the gap between once siloed solutions.
AIT OT cyber engineers have contributed to ISA/IEC 62443 standards for several years across many sectors. We leverage part 2-1 and 3-3 to review customer policies, procedures, and system requirements. We use part 4-2 technical component requirements reviews and testing during assessments and factory/site acceptance testing. Additionally, AIT has been one of the contributors to ISA84.00.09 integrating 62443 security practices with traditional functional safety standards and practices.
AIT is happy to see now that governments, communities of vendors, asset owners, and now ISA standards conformance groups like ISA Secure and ISA Global Cyber Alliance have announced an effort for 2023 to create a conformance scheme for operational assessments. AIT OT cyber engineers have already done this in practice throughout their careers and are happy to hear that more people understand that parts of 62443 including 4-1, 4-2, and 3-3 are useful for more than just certifying vendor products. Those parts of the standard, especially the technical parts, should be leveraged, as AIT has always done, to assess, evaluate, and test that operational components, systems, and practices are properly configured, programmed, used, and maintained. Doing so closes the loop between the product lifecycle and the automation solution lifecycle from inception and design all the way to decommissioning.
AIT stands ready to help the community globally with ensuring their operations as well as their services and products conform to the requirements in the various parts of ISA/IEC 62443.
To learn more contact AIT’s CMAC ICS OT cyber engineering services group at firstname.lastname@example.org. Also see our other blog posts about security testing and reviews during factory and or site acceptance testing, continuous red teaming as a service, and binary reverse engineering and mapping services to ISA/IEC 62443.