ISA99, Industrial Automation and Control Systems (IACS) Security, has begun work on an ISA technical report to be titled, Applying ISA-62443 to the Industrial Internet of Things (IIoT). Coverage will include general categories of IIoT devices within IACS, cybersecurity challenges, and rates of adoption in industry. The report will then serve as a guide in determining if any new and related ISA99 work products are required.
The technical report will be the first work product of Working Group 9, IIoT and Security, which was established by ISA99 to analyze the specific characteristics of the IIoT in terms of threats, attack surface, and vulnerabilities, and to examine whether the approach developed by ISA99 for securing a conventional IACS is appropriate and sufficient for IIoT. This assessment is vital, as the IIoT is a specific case of IACS with a very wide range of objects, an extended surface area, and a high scalability, resulting in a very large attack surface and new vulnerabilities. The working group will first examine the specific risks and new forms of attack to which the IIoT may be subject.
This project is one of numerous current development activities within ISA99 to support and advance the widely used ISA/IEC 62443 series of standards on IACS security. The standards are developed primarily by ISA99 as American National Standards, with simultaneous review and adoption by the Geneva-based International Electrotechnical Commission (IEC) through IEC partner committee TC65, Industrial-Process Measurement, Control and Automation. With more than 900 members, ISA99 draws on the input of cybersecurity experts across the globe in developing the standards, which are applicable to all industry sectors and critical infrastructure in providing a flexible and comprehensive framework to address and mitigate current and future security vulnerabilities in IACS.
ISA99 Working Group 9 is cochaired by Suzanne Lightman of the U.S. National Institute of Standards and Technology, and Eric Braun of Emerson Automation Solutions. For information on ISA99, contact Eliana Brazda, ISA Standards, firstname.lastname@example.org. For information on viewing or obtaining the ISA-62443 standards and technical reports, visit www.isa.org/findstandards.