DURHAM,
N.C., July 9, 2024 /PRNewswire/ -- The
International Society of Automation (ISA) – the leading
professional society for automation – announced today that its
ISASecure® cybersecurity certification program and the ISA Global
Cybersecurity Alliance (ISAGCA) have released a new paper on
industrial internet of things (IIoT) systems.
"IIoT System Implementation and Certification Based on ISA/IEC
62443 Standards" explores how the world's leading consensus
standards for the security of industrial automation and control
systems (IACS) can be applied to cloud-based functionality.
ISASecure and ISAGCA will host an informative webinar on 17 July
at 11 a.m. Eastern time for
interested parties to learn more about the paper. Registration is
free and available here.
The main conclusions of this 73-page paper include:
- The concepts in ISA/IEC 62443 standards can be applied to
IACS that use cloud-based functionality. Concepts such as risk
assessment, zone and conduit partitioning and the system/component
model can all be applied to an IIoT IACS.
- The scope of ISA/IEC 62443 should extend to the cloud
environment when the cloud-based functionality has the capability
to directly or indirectly change the physical state of the
equipment under control.
- Implementation of essential functions in the cloud does not
meet ISA/IEC 62443 requirements.
- A new category of cloud service called operational technology
as a service (OTaaS) would provide transparency when cloud-based
functionality has the capability to directly or indirectly change
the physical state of the equipment under control.
- The cloud provider is a new role not currently defined in
the ISA/IEC 62443 series. The cloud provider role includes
aspects of product supplier, service provider and asset owner
(operator) roles.
- Conformity assessment schemes could be developed for IIoT
systems, components and IACS based on ISA/IEC 62443 standards,
provided these standards are updated for the IIoT use case.
"The ISA/IEC 62443 series is the leading set of international
standards for the operational technology (OT) cybersecurity
landscape," said Andre Ristaino,
managing director, ISA conformity assessment programs. "As
industrial environments move increasingly to cloud and edge-cloud
systems and functions, it is important to validate that the
standards support this type of implementation. We are pleased that
the paper finds the standards to be applicable, and identifies
several ways to continue to improve OT cybersecurity through the
definition of new roles, services and conformance measures."
"IIoT System Implementation and Certification Based on ISA/IEC
62443 Standards" is available for download on the ISASecure and
ISAGCA websites.
About ISASecure
Founded in 2007 by the International
Society of Automation (ISA), the ISASecure program's mission is to
provide the highest level of assurance possible for the
cybersecurity of automation and control systems.
Founders and key supporters of ISASecure® include: BP, Chevron,
ExxonMobil, Saudi Aramco, Shell, YPF, GSK, Honeywell, Johnson
Controls, Schneider Electric, Trane, Yokogawa, Carrier, Siemens,
YPF, Amazon Web Services, exida, TUV Rheinland, CSSC, FM Approvals,
Synopsys, Trust CB, UL Solutions, SecurityGate, Interstates, BYHON,
TUV SUD, ITRI and Bureau Veritas.
The Program's ISASecure™ designation signifies to the
marketplace that automation and control system products conform to
industry-consensus cybersecurity standards. The ISASecure trademark
provides confidence to users of ISASecure-certified products and
systems and creates product differentiation for suppliers who
conform to the ISASecure specifications. Learn more at
www.isasecure.org.
About ISAGCA
The ISA Global Cybersecurity Alliance
(ISAGCA) is a collaborative forum to advance OT cybersecurity
awareness, education, readiness, standardization, and knowledge
sharing. ISAGCA is made up of 50+ member companies and industry
groups, representing more than $1.5
trillion in aggregate revenue across more than 2,400
combined worldwide locations. Automation and cybersecurity provider
members serve 31 different industries, underscoring the broad
applicability of the ISA/IEC 62443 series of standards. Learn more
at www.isagca.org.
About ISA
The International Society of Automation
(ISA) is a non-profit professional association founded in 1945 to
create a better world through automation. ISA's mission is to
empower the global automation community through standards and
knowledge sharing. ISA develops widely used global standards and
conformity assessment programs; certifies professionals; provides
education and training; publishes books and technical articles;
hosts conferences and exhibits; and provides networking and career
development programs for its members and customers around the
world. Learn more at www.isa.org.
View original content to download
multimedia:https://www.prnewswire.com/news-releases/isa-white-paper-on-iiot-systems-addresses-unique-cybersecurity-needs-of-cloud-and-edge-cloud-services-302192248.html
SOURCE The International Society of Automation