ISA/IEC 62443 Standards - Part 3

✅[ST # 49] Standards Overview Series, covering key topics on what you need to know [Securing Things by M. Yousuf Faisal]

Disclaimer: All views presented here, in this newsletter, are my own.

Neither the author nor the newsletter is liable for any actions taken by any individual or any organization / business / entity. The information provided is for education and awareness purposes only and is not specific to any business and/or situation.

M. Yousuf Faisal

Hello Securing Things Community,

This is Part 3 of a multi-part overview of the ISA/IEC 62443 standards series. It expands on the standards and covers what zones and conduits are, the foundational requirements and their relationship with systems and other requirements, the applicability of security levels, the different parts of the standard across the cybersecurity lifecycle phases, the reference architecture and more.

In case you missed them, Part 1 and Part 2 covered the basics of:

  • introduction & background about the standards series,

  • key stakeholders, IACS roles & responsibilities,

  • 4 groups of standards requirements,

  • 3 phase IACS Cybersecurity Lifecycle,

  • ISA Secure Certifications for Suppliers, Products, Asset owners & individuals,

  • important terms, definitions & relationships,

  • Standards series introduction (of each standard part),

  • Standards elements, security levels, & types of standards requirements.

Quick test: Try to recall the 4 groups in the standards series using the tip from Part 1. If you can't, click the Part 1 link for a reminder. Hope this helps!

But before we begin, do me a favour and make sure you hit the “Subscribe” button to let me know that you care or liked and keep me motivated to publish more. Thanks!

Securing Things (Sponsor)

OT CBPRS (Cybersecurity Best Practices Requirements Specification) Toolkit!

The Solution (For Asset Owners Only) - Toolkit to get a head start for your OT/ICS Cybersecurity journey for SMB/SME industrial environment. Bonus - comes with limited complimentary seats for IT & OT CySEAT offering.

Below is a brief walkthrough on the toolkit:

(Note: Next iteration would include the ISA/IEC 62443-2-1 Security Program related requirements).

Note: Part 2 included a diagram illustrating the relationship of certain key terms and definitions. There are plans for certain terminology to be updated soon. More on this when the new terms are published.

➡The 62443 series includes numerous related standards and reports. Clause three of each publication is the source for terms, conventions, and abbreviations.

Security Requirements📜

We’ll start where we left off in Part 2 related to different types of requirements.

IEC 62443-3-3 outlines seven foundational requirements (FRs), which are broken down into a series of system requirements (SRs) and requirement enhancements (REs). The standard provides a chart that maps SRs and REs to SLs 1 to 4.

