Security standard ISA/IEC 62443
Module duration: 8 hours
Module overview
​
This module is based on the ISA/IEC 62443 standard, and in particular on tier 62443-4, parts 4-1 and 4-2, defined for the industrial context. It is the reference cybersecurity standard in industrial automation and control systems, also applied in transportation systems. We present the requirements proposed by the standard and the essential ingredients that must be considered to create a secure product.
Objective of this module
The module aims to address security topics for industrial components, leveraging the ISA/IEC 62443 standard. Two specific parts of the standard are examined in further detail: part 4-1, which introduces the concept of maturity levels, and part 4-2, which introduces the concept of security levels. The concepts taken from these standard sections have practical relevance for product development and security assessment.
What you will learn:
01.
How to apply security concepts to the industrial context.
02.
Parts of the ISA/IEC 62443 standard relevant for component development
03.
The key ideas in the ISA/IEC 62443 series of standards
04.
Basics of the 62443 component certification process
You will cover:
Before exploring some of the more practical aspects introduced by the 4-1 and 4-2 standard parts, the module provides an introduction to the basic underlying technical concepts and contextualization in the application domain, analyzing the typical requirements and needs of the industrial sector.
The course consists of the following main topics:
​
• The ISA/IEC 62443 Standard
• Concepts from the 62443 Standard
• Foundational Requirements and Security Levels (62443-4-2)
• Practices and Maturity Levels (62443-4-1)
• Certification
This module is
intended for:
The module is targeted at professionals working for companies that deliver components (embedded devices, SW applications, hosts, network devices) used in industrial contexts, including both the technical figures who will directly act according to the procedures defined in the standard (platform developers, embedded SW developers, product testers, technical leaders) and the non-strictly technical professionals (product and project managers, business developers…) who wish to understand better the value brought by application of the 62443 standard to the products and processes that they manage.
