Chat.openai – Functional requirements according to IEC 62443-1-1

Question:

What are the seven foundational requirements (FRs) of IEC TS 62443-1-1?

Answer:

The IEC TS 62443-1-1 standard defines seven Foundational Requirements (FRs) for industrial automation and control systems (IACS) security programs, which are as follows:

  1. Identification and authentication control: It involves verifying the identity of users or devices attempting to access IACS networks and resources.
  2. Use control: It requires that access to IACS resources should only be granted based on the need-to-know and least privilege principles.
  3. Confidentiality: It involves protecting sensitive and confidential information from unauthorized access, disclosure, and modification.
  4. Integrity: It requires ensuring the accuracy and completeness of IACS data and preventing unauthorized modification or destruction of the data.
  5. Availability: It involves ensuring that IACS resources and services are available when needed, and recovering promptly from failures or disruptions.
  6. Security management: It requires implementing a systematic and comprehensive approach to IACS security management, including policies, procedures, and controls.
  7. System security: It involves implementing technical controls to protect IACS networks and systems from cybersecurity threats and vulnerabilities.

IEC 62443-1-1 appears to describe the structure and basic principles of the entire IEC 62443 series of standards, including the principles for functional requirements. The various standards set requirements for organization, working methods and product properties alike. IEC 62443-3-3 and IEC 62443-4-2 appear to be the ones that focus most on the end product's properties with respect to cyber security.