Читать книгу Industrial Control Systems (ICS): what to consider when protecting industrial assets from cyber threats? Part 1. Secure ICS Architecture design - Ian Suhih - Страница 4

The concept of "zones and conduits" described in IEC 62443, despite its shortcomings, is an excellent basis for development of the secure ICS architecture. The concept of "zones and conduits" describes how different systems interact with each other, how and in what form information is transmitted between systems and the differences in security requirements in different zones. This concept is initially focused on ICS. In addition, recommendations from the following standards were used in this paper:

– "Cyber Security for Industrial Automation and Control Systems (IACS) EDITION 2", developed by the UK Health and Safety Executive and focused on the practical implementation of IEC 62443.

– "Framework for Improving Critical Infrastructure Cybersecurity" by National Institute of Standards and Technology, which allows a high-level, but structured and comprehensive assessment of the current state of a company’s cybersecurity. It also allows to plan improvements to cybersecurity.

– Local standards that are mandatory in the country, but may be inferior to international standards in terms of detail and level of coverage.

I would like to note that despite differences in legislative requirements in different countries, the principles and approaches to ICS cybersecurity are the same everywhere.