• ISA99, Industrial Automation and Control Systems Security


    Standards Button

    The ISA99 standards development committee brings together industrial cyber security experts from across the globe to develop ISA standards on industrial automation and control systems security. This original and ongoing ISA99 work is being utiilized by the International Electrotechnical Commission in producing the multi-standard IEC 62443 series.

    Below you will see the official scope and purpose of ISA99, and the complete list of experts currently on the committee. New participants are always welcome -- and you need not be a member of ISA to participate.

    For the latest information on ISA99 and the ongoing development of the ISA/IEC 62443 series of standards on the cyber security of industrial automation and control systems,  please visit: ISA99 Wiki.

    ISA99 Scope

    The ISA99 Committee addresses industrial automation and control systems whose compromise could result in any or all of the following situations:

    • endangerment of public or employee safety
    • loss of public confidence
    • violation of regulatory requirements
    • loss of proprietary or confidential information
    • economic loss
    • impact on national security

    The concept of manufacturing and control systems electronic security is applied in the broadest possible sense, encompassing all types of plants, facilities, and systems in all industries.  Manufacturing and control systems include, but are not limited to:

    • hardware and software systems such as DCS, PLC, SCADA, networked electronic sensing, and monitoring and diagnostic systems
    • associated internal, human, network, or machine interfaces used to provide control, safety, and manufacturing operations functionality to continuous, batch, discrete, and other processes.

    Physical security is an important component in the overall integrity of any control system environment, but it is not specifically addressed in this series of documents.

    ISA99 Purpose

    The ISA99 Committee will establish standards, recommended practices, technical reports, and related information that will define procedures for implementing electronically secure manufacturing and control systems and security practices and assessing electronic security performance.    Guidance is directed towards those responsible for designing, implementing, or managing manufacturing and control systems and shall also apply to users, system integrators, security practitioners, and control systems manufacturers and vendors. 

    The Committee's focus is to improve the confidentiality, integrity, and availability of components or systems used for manufacturing or control and provide criteria for procuring and implementing secure control systems. Compliance with the Committee's guidance will improve manufacturing and control system electronic security, and will help identify vulnerabilities and address them, thereby reducing the risk of compromising confidential information or causing Manufacturing Control Systems degradation or failure.

    The Co-Chairs of ISA99 are Jim Gilsinn and Eric Cosman.  If you are interested in assisting in the work of ISA99, or would like more information, please contact Charley Robinson, ISA Standards.

  • Contacts

    All »
    Eric Cosman
    James Gilsinn