Terminology and Regulations & Standards (ISA/IEC 62443-1-1) Flashcards
ISA/IEC 62443 Series Groups
- General
- Policies & Procedures
- System
- Component
Difference between Standards and Technical Reports
Standards are normative in nature; they have "shall" and "must" statements.
Technical reports are informative in nature. They are published to provide recommendations for implementing an approach.
The meaning of
IED
DCS
MES
EMS
PLC
HMI
IED: Intelligent Electronic Device
DCS: Distributed Control System
MES: Manufacturing Execution System
EMS: Energy Management System
PLC: Programmable Logic Controller
HMI: Human-Machine Interface
Acronyms
RTU
HVAC
SCADA
IACS
SIS
ICS
RTU: Remote Terminal Unit
HVAC: Heating, Ventilation, and Air Conditioning
SCADA: Supervisory Control and Data Acquisition
IACS: Industrial Automation and Control System(s)
SIS: Safety Instrumented System
ICS: Industrial Control System(s)
Are STANDARDS mandatory or voluntary?
Regulations are mandatory; for standards, compliance and conformance to them is voluntary. It’s consensus driven.
There is no requirement on anyone to use them unless….
* If agreed to in a contract …
* Penalty, either civil or criminal, for not complying with them
* Due Diligence
What kind of content do the Standards have?
- Normative: those parts that shall be complied with in order to demonstrate compliance with the standard.
- Informative: parts that provide clarification or additional information
What do Frameworks provide?
They provide a common taxonomy and mechanism for organizations to:
* Describe current cybersecurity posture
* Describe target state for cybersecurity
* Identify and prioritize opportunities for improvement within the context of a continuous and repeatable process
* Assess progress toward the target state
* Communicate among internal and external stakeholders about cybersecurity risk
Regulations
Specify legally enforceable requirements
Standards
Voluntary codes for which there are no legal obligations to comply
Normative
Elements that shall be complied with in order to demonstrate compliance with the standard
Informative
Elements that provide clarification or additional information
SDO
A Standard Development Organization such as ISA