Industrial Cybersecurity, IKERLAN Technology Research Center, Basque Research and Technology Alliance (BRTA), P.J.M. Arizmendiarrieta 2, 20500 Arrasate/Mondragón, Spain.
Sensors (Basel). 2020 Dec 14;20(24):7160. doi: 10.3390/s20247160.
New-generation Industrial Automation and Control Systems (IACS) provide advanced connectivity features, enabling new automation applications, services and business models in the Industrial Internet of Things (IIoT) era. Nevertheless, security concerns arise from the extended attack surface and the increasing number of cyber-attacks against industrial equipment. Hence, these systems should provide enough protection and resiliency against cyber-attacks throughout their entire lifespan, which, in the case of industrial systems, may last several decades. Sound and complete management of security issues and software updates is fundamental to achieving this goal, since leading-edge security countermeasures implemented in the development phase may eventually become out of date. This article reviews the IEC 62443 industrial security standard as it concerns the security maintenance of IIoT systems and components, and gives guidelines for implementing such processes. The review concludes that the management of security issues and software updates shall be addressed jointly by the asset owner, service providers and product suppliers. These security processes should also be compatible with the safety procedures established by safety standards.