Challenges Of Using IEC 62443 To Secure IIoT
Summary
TLDRRyan de Souza, a principal Solutions architect at AWS, discusses the application of 62443 standards to the Industrial Internet of Things (IIoT). He covers the evolution of industrial IoT, its impact on operational technology (OT), and the security challenges it introduces. De Souza highlights the importance of the ISA/IEC 62443 standards in securing OT environments and the need for updates to accommodate IIoT devices. He also touches on the role of cloud providers in IIoT security and the available certifications like the ISASecure certification for IIoT components.
Takeaways
- 😀 Ryan de Souza, a principal Solutions architect at AWS, discussed the application of 62443 standards to the Industrial Internet of Things (IIoT).
- 🏭 Industrial IoT is utilized across various industries to improve operational efficiencies, reduce downtime, enhance product quality, and create new revenue opportunities.
- 🌐 The evolving manufacturing data landscape is influenced by the convergence of Operational Technology (OT) and Information Technology (IT), leading to industrial digital transformation.
- 🔒 Security is a critical factor slowing the transition to full OT and IT convergence due to the need to protect the expanding attack surface introduced by IIoT devices.
- 📚 The 62443 standards, developed by ISA and IEC, provide comprehensive security guidance for industrial automation and control systems, though they predate IIoT.
- 🚧 Challenges in applying 62443 to IIoT include the need for updated standards to reflect IIoT's impact on OT environments and the lack of a formal role for cloud providers.
- 🔄 The introduction of IIoT upsets the traditional ISA 95 model, necessitating a move towards a zero trust security model to address the increased attack surface.
- 🌐 Technical Report 62443-4-3 offers prescriptive guidance for asset owners on integrating IIoT into OT environments while adhering to 62443 security standards.
- 🏢 The shared responsibility model in cloud security involves cloud providers securing the cloud infrastructure and asset owners securing their applications and data within the cloud.
- ⛑️ ISA Secure offers certifications like the IoT Component Security Assurance Certification for IIoT devices and is working on a system certification that will consider IIoT use cases.
Q & A
What is the main topic of the session presented by Ryan de Souza?
-The main topic of the session is the application of 62443 standards to the Industrial Internet of Things (IIoT), discussing changes in the standards and certifications relevant to IIoT.
What roles does Ryan de Souza hold at AWS?
-Ryan de Souza is a Principal Solutions Architect at AWS.
What are the key use cases for Industrial IoT (IIoT) devices?
-Key use cases for IIoT devices include improving operational efficiencies, reducing unplanned downtime through predictive maintenance, enhancing product quality, improving supply chain management, and creating new revenue opportunities with smart products and services.
How does the introduction of IIoT change the traditional OT environment?
-The introduction of IIoT changes the traditional OT environment by integrating modern devices like IP-based cameras and edge gateways, leading to increased connectivity, data exchange, and new functionalities, while also expanding the attack surface and introducing new security risks.
What are the challenges in applying 62443 standards to IIoT?
-Challenges include the fact that 62443 predates IIoT and thus needs updating, the lack of a formal role for cloud providers in the standards, and the need for a shift from a segmented environment to a zero trust security model due to the increased connectivity of IIoT devices.
What is the significance of the technical report 62443-4-3?
-The technical report 62443-4-3 provides prescriptive guidance for asset owners on introducing IIoT into OT environments while adhering to 62443 security standards. It discusses the application of 62443 to IIoT and is seen as valuable for asset owners.
What is the purpose of the Zone and Conduit models in the context of IIoT?
-The Zone and Conduit models are used to understand threats and vulnerabilities in IIoT environments, informing risk assessments and helping to manage the security of different layers of the OT stack.
What is the shared responsibility model for cloud security?
-The shared responsibility model distinguishes between 'security of the cloud' and 'security in the cloud'. Cloud providers are responsible for security of the cloud infrastructure, while asset owners are responsible for security in the cloud, which includes their applications and data within the cloud.
What security capabilities can cloud providers offer to support IIoT implementations?
-Cloud providers can offer capabilities such as connected asset inventory, identity and access control, over-the-air updates, securing the industrial edge, encrypting data at rest and in transit, alerting and monitoring, security analytics, and backup and recovery of OT and IIoT data.
What certifications are available or in progress for IIoT devices and systems?
-The IIoT Component Security Assurance Certification is available for IIoT devices and gateways, based on 62443-4-1 and 62443-4-2 standards. The System Certification, which will consider IIoT use cases, is a work in progress and will be based on 62443-4-1, 62443-3-3, and 62443-2-4.
Outlines
🌐 Introduction to Industrial IoT and 62443 Standards
Ryan de Souza, a principal Solutions architect at AWS, introduces the session on 62443 and IoT for industrial applications. He outlines the session's agenda, which includes discussing changes in standards and certifications relevant to the Industrial Internet of Things (IIoT). Ryan emphasizes the widespread use of IIoT across various industries and its integration into the Operational Technology (OT) environment. He differentiates between traditional OT devices like PLCs and HMIs and modern IIoT devices such as IP cameras and edge gateways. The session aims to explore how these devices enhance operational efficiencies, reduce downtime, improve product quality, and create new revenue streams for manufacturers.
🔒 IIoT Threat Vectors and the 62443 Standards
The paragraph discusses the threat vectors associated with IIoT devices, which are not unique but pose significant risks when compromised, such as denial of service attacks, lateral threat escalation, network surveillance, sabotage, and ransomware. Ryan explains that the 62443 standards, developed by ISA and IEC, provide a comprehensive set of security standards for industrial automation and control systems. However, these standards predate the IIoT and require updates to address the new communication channels and functionalities introduced by IIoT. The paragraph highlights the need for the standards to evolve, including the recognition of cloud providers' roles and the adoption of a zero trust security model to manage the increased attack surface due to IIoT integration.
📚 Application of 62443 to IIoT and Zone-Conduit Models
Ryan introduces a technical report, 62443-4-3, which is a draft document providing prescriptive guidance for integrating IIoT into OT environments while adhering to 62443 security standards. The document discusses the application of security concepts like zones and conduits to IIoT, emphasizing the need for a new interpretation of these concepts. The paragraph also explains the use of zone and conduit models in risk assessments for IIoT use cases, such as connecting a sensor to an industrial IoT gateway, which then connects to external networks like the internet for cloud services. The models help understand threats, vulnerabilities, and consequences, informing risk management strategies.
🌐 Cloud Provider's Role and Shared Responsibility Model
This section delves into the role of cloud providers in IIoT projects and the shared responsibility model for cloud security. It explains that while cloud providers are responsible for the security of the cloud infrastructure, asset owners are responsible for security within the cloud, including applications and data. The paragraph highlights the various roles a cloud provider can play, such as a product supplier, maintenance service provider, and system integrator. It also outlines the security services and prescriptive guidance provided by cloud providers to assist asset owners in securing their IIoT applications, such as connected asset inventory, identity and access control, patching and software updates, and securing the industrial edge.
🛡️ Certifications and Security Capabilities for IIoT
Ryan discusses the importance of certifications like the ISASecure certification for IIoT devices and the ongoing development of system certifications for cloud services. He details the IIoT component security assurance certification, which focuses on device and gateway security, including compartmentalization, software update control, secure remote access, and resilience against DDoS attacks. The paragraph also covers the security capabilities that cloud providers can offer, such as asset inventory management, identity and access control, patching, secure edge gateways, data encryption, alerting and monitoring, and backup and recovery services. The session concludes with a call for standards and certification bodies to evolve rapidly to support the growing adoption of IIoT in OT environments.
📚 Resources and Conclusion
The final paragraph wraps up the presentation by highlighting the availability of resources, including study reports and certification materials related to IIoT and 62443. Ryan invites attendees to engage with him for further discussions and questions, emphasizing the importance of the presented information for asset owners looking to improve operational efficiencies and maintain competitiveness through the adoption of IIoT technologies.
Mindmap
Keywords
💡Industrial Internet of Things (IIoT)
💡Operational Technology (OT)
💡ISA 95
💡Security
💡Attack Surface
💡ISA/IEC 62443
💡Zero Trust Model
💡Shared Responsibility Model
💡Purdue Model
💡ISA Secure
Highlights
Introduction to the session on 62443 and IIoT by Ryan de Souza, a principal Solutions architect at AWS.
Industrial IoT's application across various industries and its integration into the OT environment.
Definition and examples of industrial IoT use cases, such as improving operational efficiencies and predictive maintenance.
The evolving manufacturing data landscape based on ISA 95, with comparisons between past, present, and future scenarios.
The impact of cloud technology on the transformation of OT in the context of industrial digital transformation and Industry 4.0.
Challenges in the convergence of OT and IT, particularly the security concerns that slow down full integration.
Discussion on the increased attack surface due to new connections introduced by IIoT devices.
Overview of IIoT threat vectors, including denial of service attacks and lateral threat escalation.
Explanation of the comprehensive nature of the 62443 standards and its structure into different groups.
Challenges with using 62443 for IIoT, including the need for updates to the standards to accommodate IIoT.
Introduction of the technical report 62443-4-3, which discusses the application of 62443 to IIoT.
Use of Zone and Conduit models in 62443 for risk assessments and understanding threats and vulnerabilities in IIoT.
The role of cloud providers in IIoT projects and the need for recognition in the 62443 standards.
Explanation of the shared responsibility model for cloud security, distinguishing between security of the cloud and in the cloud.
The Purdue model's usefulness in aligning IIoT security architecture with industrial automation and control systems.
Overview of security capabilities provided by cloud providers for securing the edge and cloud in IIoT applications.
Introduction of the first IIoT certification by ISASecure and its focus on component security assurance for IIoT devices.
Details on the component certification process, including certification tiers and requirements for IIoT devices and gateways.
Ongoing work on the system certification for cloud services in the context of IIoT.
Call for faster updates to standards and certifications to keep pace with the rapid adoption of IIoT in OT environments.
Availability of resources and materials for further study on IIoT component certification and related standards.
Transcripts
foreign
just making sure that you're all in the
right room this is the session on 62443
and iiot
okay
so welcome to this session uh I'm Ryan
de Souza and I'm a principal Solutions
architect at AWS it's a real pleasure to
be with you all here today and the topic
I'm going to discuss is 62443 and how to
apply it to iiot or the industrial
Internet of Things uh in this session
we'll be going over some of the changes
in the standards as well as the
certifications we've got really a lot of
content to cover uh so let's get started
so as most of you know or most of you
are aware industrial iot is used across
Industries
and uh
these are some of the industries that
it's it's used in it gets introduced
into the OT environment so industrial
iot or iiot devices integrate into the
OT environment and you do that when you
implement industrial iot use cases
throughout the stock today I will be
discussing and talking about
OT devices as well as I iot devices and
just to level set when I mention OT
devices I mean traditional OT devices
like plcs hmis scada systems when I
mentioned I iot devices I mean modern
iiot devices like IP based cameras
secondary sensors as well as Edge
gateways these iiot devices get
introduced into the OT environment when
you implement industrial iot use cases
so what are these industrial iot use
cases here are some of them it's
improving operational efficiencies in
the factory okay reducing unplanned
downtime with predictive maintenance
improving product quality
supply chain improvements in Supply
Chain management as well as creating new
Revenue opportunities for manufacturers
with smart products and services
let's go ahead and take the take a look
at the evolving manufacturing data
landscape and I've tried to lay this out
based on Isa 95 and based on three
different time zones okay so the first
time zone we'll take a look at is
yesterday
in yesterday's world you had asset
owners that implemented the traditional
para model or Isa 95 model OKAY in this
model you had Standalone applications
you had data silos very little
connectivity between the different
layers and few connections to external
networks right so that's the yesterday
scenario let's go ahead and take a look
at what's happening today and tomorrow
in the today tomorrow time frame
what we have over here is the
introduction of iiot so the ongoing
convergence of OT and it and the
introduction of industrial iot into the
OT landscape what is also happening is
that in the same way that the cloud
transformed the I.T landscape the cloud
is transforming and revolutionizing OT
in new ways in what is called industrial
digital transformation or industry 4.0
what's going to happen in the future is
even more convergence continued
convergence of 40 and it okay I would
say full convergence of otnit with any
to any Communications in this scenario
you have digital factories and smart
factories this trend is going to
continue this trend is going to
accelerate there's nothing stopping this
from happening uh what is slowing this
down is security right so security is
one of the factors that is slowing down
this transition towards a full
convergence and uh understandably so
because asset owners need to secure
OT when doing iiot and Cloud projects so
this convergence of otnit introduces new
opportunities
for manufacturers for industrial digital
transformation for industry for a door
but it also introduces new risk which
needs to be properly managed okay if you
look at this this architecture over here
it is drawn out to the ISA 95 model what
iiot introduces is new connections so
you can have iiot devices at different
layers of the stack establishing
connections to external networks or
untrusted networks and when this happens
you increase the attack surface okay so
this introduces new risk into the
environment which asset owners need to
be aware of and need to be able to
protect the full attack surface
so let's go ahead and look at the iiot
threat vectors these threat vectors are
not unique to iiot but they do exist
with the industrial internet of things
okay and essentially an iiot device can
get compromised or may be compromised
and may be then used for a denial of
service attack
an iiot device can lead to lateral
threat escalation on the network
it can lead to surveillance of the
network
an iiot device can lead to sabotage
attacks on operational technology
some of these devices are pretty
powerful right some of these Edge
Computers are powerful devices and if
compromised they can be used for
cryptocurrency mining activities
lastly the data on the device or the
date on the edge Gateway can get
encrypted leading to a ransomware attack
okay or you could have data that is
being exfiltrated from the factory once
again these threat vectors are not
unique to iiot what is different is that
these devices when introduced into the
OT environment significantly increase
the attack surface which needs to be
protected the consequences of a
compromise is also what is different
because if there is a compromise it can
have environment health and safety
implications as you're well aware
so I'll give you a second to read uh
this view of little Bob that or what
little Bobby has on the six two four
four three standards
[Music]
uh so what I am going to add is that uh
62443 is comprehensive
it's a comprehensive set of Standards it
also uh is consensus based and it can
actually run into thousands of pages
right thousands of pages of guidance
which makes reading all of this a
challenge
in order to level set on 62443 and the
standards uh so that we are all on the
same page it is a series of security
standards for Industrial Automation and
control systems it was jointly developed
and supported and managed by Isa and IEC
and therefore it's called Isa
iec62443 standards
it is structured into different groups
and you can see the groups of years you
have a general category you've got uh
policies and procedures components as
well as system
uh it is important to note that these
standards predate iiot right so they
were written before iiot uh you know
came into existence and therefore iiot
is not already represented in 62443 that
needs to change and that's one of the
challenges
so let's go ahead and take a look at the
the challenges uh with using 62443 for
the industrial Internet of Things the
first is that it predates iiot so it
came basically before iiot and therefore
you know the standards need to be
updated
um iiot introduces new communication
channels into the OT environment but
also brings in lots of new functionality
which asset owners can take advantage of
uh there are different roles in 62443 so
there is the asset owner role uh there
is the product supplier role there's
also a service provider role there is no
formal role for the cloud provider okay
so that needs to change a recognition
that a cloud provider can play a role in
62443 in the iiot environment uh and and
that's one of the changes that needs to
happen many of the requirements that
62443 has or does actually apply to
Cloud providers okay so it's not that so
there are some changes that need to be
made but many of the requirements
already apply to a cloud provider
uh six two four four three considers a
segmented environment so it considers
the segmentation it considers this
parameter-based security guess what when
you have iiot and you have these
connections coming in
um from that iiot introduces into the OT
environment and if you look at the
Purdue model you've got these
connections to external networks and
untrusted networks okay uh so Network
segmentation
is important but parameter-based
security alone is not sufficient you
really need to get into a zero trust
security model because now you have
these incremental connections uh that
are different layers of the OT stack
that have connections to external
untrusted Networks uh iiot upsets the
traditional para model and we took a
look at that in one of my earlier slides
where I showed you a different layers of
the Purdue model you can have iot
devices making connections to external
untrusted Networks
so what's actually changing in the
standards uh this is one of the
important changes that you will see to
the standard it is uh the TR or
technical report six to four four three
four dash three this was jointly created
and published by Isa 99 working group
nine I'm part of that committee and they
published this technical report it's
called 62443 4-3 it's also available as
an iecpas 62443 4-3 it is yet in draft
so it is not yet part of the standards
but it will be
uh it discusses the application of 62443
to iiot and in my view it's a great
document for asset owners because it
provides asset owners with prescriptive
guidance on introducing iiot into OT
environments and yet following the 62443
security standards
security Concepts like zones and
conduits have a new meaning for iiot and
we'll take a look at that momentarily
there is a section in the document that
has that talks about the special
considerations of using iiot with
cloud-based services
the document has no normative content so
there are no obligations and also this
document has got guidance but no
technical requirements the technical
requirements have not yet been written
and and that's one of the ongoing works
for the standards
so we'll now transition and take a look
at using Zone and conduit models uh
those of you in the room that have used
62443 this should not be a surprise
these are Zone and conduit diagrams they
follow six to four four three three-2
for risk assessments this is a really
simple example where I have a secondary
sensor connected to in the OT
environment connected to an asset so it
could be a temperature sensor or a
vibration sensor it is connected to an
industrial iot Gateway this gateway then
establishes a connection to an external
network or an untrusted Network like the
internet in order to get out get
connected to cloud services running
remotely okay so this is really a simple
use case in this use case we're using
the zone and conduit model so you've got
different zones you've got the local
Zone you've got an edge Zone and you can
have multiple trust zones in the cloud
as you can see right over here
uh this Zone and conduit model diagrams
are very useful even for industrial iot
use cases in order to understand threats
and vulnerabilities right in order to in
order to then inform your risk as well
as understanding consequences
so we briefly spoke about this earlier
that 62443 has got standards uh has got
sorry roles these roles are the acetona
role the product supplier role the
service provider role there is no role
for cloud provider okay and the cloud
provider can actually play multiple
roles multiple of the multiple existing
roles that 62443 has so for example uh
the cloud provider can be a product
supplier why is that because cloud
services is the product
uh the cloud provider can also be a
maintenance service provider and why is
that because the cloud provider
maintains cloud services and in some
cases the cloud provider can even be a
system integrator if the cloud provider
is playing the role of a system
integrator on an iiot project
so these are the changes that need to
happen in the standards in order to
recognize that there is a cloud provider
and the cloud provider does play a role
on iiot projects and related with 62443
so when asset owners do use iiot and
introduce iiot into their OT
environments uh there's always going to
be cloud services
so it's important for the asset owner to
understand what is called the shared
responsibility model for the cloud so
what is the shared responsibility model
essentially it is defined as security of
the cloud versus Security in the cloud
okay so the cloud provider is
responsible for security off the cloud
and the asset owner is responsible for
security in the cloud what does that
mean exactly
so this is another view of what I just
mentioned where the cloud provider is
responsible for the cloud infrastructure
right the data centers the services the
cloud infrastructure that's the cloud
provider's responsibility to secure that
part of the solution the asset owner on
the other hand is responsible for
security in the cloud which means that
they are applications okay they are OT
and iot applications that they place in
the cloud security for those
applications and security of that data
is the responsibility of the asset owner
the cloud provider does provide a lot of
Security Services as well as
prescriptive guidance in order to help
the asset owner with their part of the
responsibility
in addition to that the cloud provider
is continuously monitoring and achieving
third-party validation for literally
thousands of different
compliance requirements security
compliance requirements and the asset
owner can take advantage of all of that
okay because the asset owner inherits
those security controls that are
operated by the cloud provider
so we talked about the Purdue model and
how the Purdue model gets upset I do
want to mention that the Purdue model is
yet very useful okay and this is an
example of using the Purdue model with
industrial internet of things with
Industrial Automation and control
systems and uh this is the iiot security
architecture it is aligned and it is
based on the Purdue model you can see
the different layers or levels of the
model at the bottom so you've got level
zero one two and three zero one two and
three that's part of the OT Network or
the operational technology network if we
take a look at that I actually have some
details in this architecture which is
shown in in different cells so in the
top cell you've got plcs or industrial
automation systems that support insecure
protocols and in this security
architecture we're converting the
insecure protocol to a secure protocol
right so taking like modbus or ethernet
IP and converting it to a secure
protocol like OPC UA or mqtt and doing
that as close to the source as possible
I have a second cell there and in that
second cell if you notice I have a data
diode or a unidirectional Gateway in
order to Able so that you can get data
out of that cell without allowing
anything to go into that cell
in my third cell I've got modern PLC so
modern Industrial Automation and control
systems that support secure protocols
out of the box
under the last cell at the bottom is an
iiot device in the OT Network that
supports secure protocols like mqtt
between layer 3 and layer 4 I I'm
crossing the otit network boundary so
level four and level five is ITN cloud
between level three and four I cross the
otit network boundary and I've
introduced an idmz or an industrial
demilitarized zone which can inspect all
the traffic going northbound as well as
southbound you can establish there are
different ways to establish secure
connectivity to cloud services you can
see on the top you can go over a VPN
connection so you can have side to side
VPN you can have a private connection or
Direct Connect
in addition in the center uh you can
have uh you can go over the public
internet in order to connect to cloud
services on the cloud side you've got
different services that can ingest data
manage devices store data and build
industrial iot applications in addition
to that the cloud provider provides
Security Services in order to secure the
edge the industrial Edge and the cloud
so in the technical report 62443 4-3
there is a section in that report which
talks about
the security capability is that cloud
providers can provide okay so when
implementing industrial iot use cases
the asset owner can take advantage of
different security capabilities provided
by the cloud provider what are some of
these capabilities so you have connected
asset inventory to manage your assets
your connected assets and iiot devices
you have identity and access control so
the cloud provider provides mechanisms
that every device every iot device is
given a unique identity with an x.509
certificate and you can manage
fine-grained policies using iot policies
in addition to that the cloud provider
provides mechanisms in order to generate
rotate and revocate credentials for your
iiot devices
patching and software updates is super
important and critical for iiot devices
and these are capabilities and services
for over-the-air updates
securing The Edge Gateway so in iiot
you'll always have an industrial Edge
that consolidates the data pre-processes
the data and then sends it off to the
cloud so you've got to secure the
industrial Edge you've got to secure the
edge Gateway and you've got to secure
the credentials on the edge Gateway
uh there are different ways as I
mentioned to establish secure
connections to cloud services as well as
secure remote access to on-prem
resources you go to encrypt data both at
rest as well as in transit and the cloud
provider provides services to encrypt
your data at the edge in transit in the
cloud
alerting and monitoring across the full
attack surface
as well as alerting and mitigation the
ability to create a security data Lake
in the cloud and security analytics in
the cloud can be provided by the cloud
provider and last but not the least is
backup and recovery of OT data and iiot
data in the cloud so the cloud provider
provides lots of different Services very
useful for asset owners to take
advantage of when building and securing
industrial iot applications at scale
foreign
so let's transition to Let's transition
to certifications so Isa secure is the
certification Institute for 62443 uh and
with that we've got the first iiot
certification that is available today it
is the icsa certification or the iiot
component security Assurance
certification
it is for iiot devices so these include
iiot sensors they could be temperature
sensors vibration sensor any iot device
that establishes a direct connectivity
to cloud services or it could be an edge
Gateway that consolidates data from
multiple devices processes the data at
the edge and then sends it to the cloud
so if you have any of these devices an
iiot sensor or an iot device or an iiot
Gateway you can take advantage of this
certification that's available today
okay by Isa secure
getting into some details on the
certification it is for devices and
gateways there are two certification
tiers you have the code here as well as
the advanced tier it is based on 4-1 and
4-2 which is the component grouping of
standards
um it does have extensions as well as
exceptions in terms of extensions it
provides the ability for
compartmentalization on the device
um
controlling software updates so these
devices need to have the ability to
control and manage software updates
secure remote access to the device
uh strong methods of authentication
using pki and we talked about x.509
certificates earlier as well as
component resilience of to DDOS attacks
there is also a requirement for security
maintenance audit in order to maintain
your certifications it's important to
note that this certification the
component certification does not include
does not incorporate and does not have
in it cloud services okay so for cloud
services we've got the system
certification the system certification
is yet work in progress it is again
going to be based on
um 4-1 3-3 as well as 2-4 it's going to
consider iiot use cases so one type of I
iot use case is data being sent to the
cloud for visualization and analytics a
second type of use case could be a
closed loop use case where you have
command and control from the cloud down
to on-prem resources yeah so this
certification the system certification
is going to consider industrial iot use
cases most of the requirements that
62443 has does apply to Cloud providers
as I mentioned earlier and risk
assessment and Zone and conduit models
can be used we took a look at that
earlier when I showed you a simple iiot
use case which used the zone and conduit
model
so these are the two certifications the
the component certification and the
system certification which is yet a work
in progress
so finally and I'm almost out of time
I'd like to end by saying that
uh 62443 right in terms of
uh in terms of the standards
there's a lot in there that can support
industrial iot use cases okay uh it
really provides a strong Foundation
there's no need to start over 62443 can
be reused and built upon right and and
the required iot requirements can be
added four six two four four three to
support industrial iot use cases a new
interpretation of six to four for three
concepts is needed uh the new
requirements that need to be added to
the 62443 standards and specifically the
sections 4-1 4-2 3-3 and 2-4
it's important to note that the
technical report that is published and
the feedback that is received that's
going to provide valuable inputs to the
different committees and the different
working groups in order to go and create
the technical requirements okay that
then finally get added and incorporated
into the standards uh these
certifications Isa secure certification
and Ice certifications need to be
updated new training materials will need
to be added uh related to iiot and 62443
and last but not the least uh my view is
that these standards and certification
bodies need to move faster because this
is happening industrial iot is already
used and will continue to be used in OT
environments because asset owners need
to improve and and want to improve
operational efficiencies as well as you
know ensure that these continue to stay
competitive
a couple of wrap-up slides in terms of
IC secure supporters you have all the
traditional Industrial Automation and
control companies but you can also see
you've got Cloud providers uh supporting
the ISA secure standards as you can see
on the top right hand side
foreign
and then finally there's lots of good
content and material both in terms of
the study reports as well as the iiot
component certification and these
materials are available you know on on
on these links and the presentation of
course is is available to to all of you
uh so with that I want to wrap it up I
really uh it was a pleasure to give this
presentation today thank you for taking
the time uh to attend this uh to attend
this this presentation I'm happy to take
questions now I'm going to be around for
the rest of the week so please find me
and would love to chat thank you
thank you
[Applause]
تصفح المزيد من مقاطع الفيديو ذات الصلة
IEC 61499 Tutorial for Industrial Automation | Schneider Electric
Cybersecurity for Industrial Controls and Operational Technology Environments | Security Fabric
INTRODUCTION TO IOT- PART-I
Inovasi Smart City Berbasis Internet of Things
Security Standards - CompTIA Security+ SY0-701 - 5.1
Who Touched My GCP Project? Understanding the Principal Part in Cloud Audit Logs - Gabriel Fried
5.0 / 5 (0 votes)