Security Program Requirements for IACS Service Providers Flashcards
What is a service provider?
Individual or organization that provides a specific support service and associates supplies
- Integration Service Provider
- Maintenance Service Provider
- Concept includes Product Suppliers
Which chapter of ISA/IEC 62443 contains the requirements for service providers?
62443-2-4
ISCI
ISA Security Compliance Institute
Manages ISASecure conformance certification program
Definition
Performs activities that mantain and service Automation Solutions according to asset owner requirements
IACS Maintenance Service Provider
Key philosophy of secure product life-cycle
Defense-in-Depth Strategy
One of the four IACS components types, includes PLCs and IEDs
Embedded Device
Provides capabilities to implement/deploy Automation Solutions
IACS Integrator Service Provider
Manufacturer of hardware and/or software product
IACS Product Suppier
Which IACS Cybersecurity Lifecycle actor designs and manufactures COTS control systems?
Suppliers
True or False
The primary goal of Product Security Development Life-Cycle Requirements is to provide a framework which addresses secure by design, a defense-in-depth approach, as well as the building, maintaining, and retiring products.
True
True or False
The audience for ISA 62443 Part 4-2 includes integrators and product suppliers
True
True or False
ISASecure independently certifies IACS products and systems to ensure that they are robust against network attacks and free from known vulnerabilites.
True
True or False
Integration service provider activities generally occur starting with the design phase and then ending in handover of the Automation Solution to the asset owner.
True