ISA99 to develop report on IIoT cybersecurity

ISA99, Industrial Automation and Control Systems (IACS) Security, has begun work on an ISA technical report to be titled, Applying ISA-62443 to the Industrial Internet of Things (IIoT). Coverage will include general categories of IIoT devices within IACS, cybersecurity challenges, and rates of adoption in industry. The report will then serve as a guide in determining if any new and related ISA99 work products are required.

The technical report will be the first work product of Working Group 9, IIoT and Security, which was established by ISA99 to analyze the specific characteristics of the IIoT in terms of threats, attack surface, and vulnerabilities, and to examine whether the approach developed by ISA99 for securing a conventional IACS is appropriate and sufficient for IIoT. This assessment is vital, as the IIoT is a specific case of IACS with a very wide range of objects, an extended surface area, and a high scalability, resulting in a very large attack surface and new vulnerabilities. The working group will first examine the specific risks and new forms of attack to which the IIoT may be subject.

This project is one of numerous current development activities within ISA99 to support and advance the widely used ISA/IEC 62443 series of standards on IACS security. The standards are developed primarily by ISA99 as American National Standards, with simultaneous review and adoption by the Geneva-based International Electrotechnical Commission (IEC) through IEC partner committee TC65, Industrial-Process Measurement, Control and Automation. With more than 900 members, ISA99 draws on the input of cybersecurity experts across the globe in developing the standards, which are applicable to all industry sectors and critical infrastructure in providing a flexible and comprehensive framework to address and mitigate current and future security vulnerabilities in IACS.

ISA99 Working Group 9 is cochaired by Suzanne Lightman of the U.S. National Institute of Standards and Technology, and Eric Braun of Emerson Automation Solutions. For information on ISA99, contact Eliana Brazda, ISA Standards, For information on viewing or obtaining the ISA-62443 standards and technical reports, visit

Have an idea for an ISA standard, book, training course, conference topic, or other product or service? Send it to

More Standards

UL panel upholds ISA appeal of UL cybersecurity standard

ISA76 seeks user input on sample probe design

United Nations commission to integrate ISA/IEC 62443 into Cybersecurity Regulatory Framework

Updated fire and gas technical report completed by ISA84

ISA to provide end-user perspective in new smart manufacturing program

2018 ISA Standards Department award winners

New ISA/IEC 62443 standard specifies security capabilities for control system components

ISA84 approves IEC 61511, moves ahead on key supporting guidelines

Alarm Philosophy Technical Report supports ISA-18 standard

New ISA99 standard on developing products that are cybersecure by design

Awards cap productive year for ISA standards

New ISA guidelines for managing a calibration program

New ISA technical report on work processes in continuous process automation

Hazardous area installation challenges and solutions

See all Standards Articles

Your Thoughts

Please feel free to send your thoughts about this topic to Bill Lydon at