The International Society of Automation renowned for setting benchmarks in automation technology, unveils its latest white paper addressing cybersecurity in industrial internet of things systems. Partnering with ISASecure® and the ISA Global Cybersecurity Alliance, ISA aims to enhance security measures for cloud-based functionalities within industrial automation and control systems.
IIoT System Implementation and Certification Based on ISA/IEC 62443 Standards outlines crucial adaptations of ISA/IEC 62443 standards to accommodate cloud-based operations. Key topics include risk assessment methodologies, zone and conduit partitioning strategies, and the application of system/component models in IIoT IACS.
To disseminate insights from the paper, ISASecure and ISAGCA will host an informative webinar on July 17th, inviting stakeholders to explore implications and applications of the standards in modern IIoT ecosystems. Registration for the webinar is free and accessible online.
The white paper emphasizes several pivotal conclusions:
1. Adaptability of ISA/IEC 62443 Standards: These standards prove applicable to IIoT systems utilizing cloud functionalities, ensuring robust cybersecurity frameworks.
2. Scope Extension to Cloud Environments: Standards should encompass cloud environments capable of influencing physical equipment states under control.
3. Challenges with Essential Functions in the Cloud: Implementing critical functions solely in the cloud may not meet ISA/IEC 62443 requirements.
4. Introducing OTaaS: Operational Technology as a Service emerges as a viable category to enhance transparency and compliance in cloud-based operations affecting physical equipment.
A critical highlight is the evolving role of cloud providers, integrating aspects of product supply, service provision, and asset ownership into cybersecurity frameworks. This new role necessitates innovative approaches to ensure compliance and cybersecurity alignment in IIoT environments.
Looking forward, ISA advocates for the development of conformity assessment schemes tailored for IIoT systems, components, and IACS. Continuous refinement of ISA/IEC 62443 standards will bolster cybersecurity measures, fostering resilience in increasingly complex industrial environments.