ISA's SP99 Security Standards Committee makes progress
The committee has conducted a second round of voting on the draft standard, Security for Industrial Automation and Control Systems Part 1: Terminology, Concepts and Models. The draft received enough votes to pass, but the committee will evaluate all comments and reissue another draft if necessary. This first standard will establish the context for all of the remaining standards in the ISA-99 series by defining a common set of terminology, concepts and models for electronic security.
The planned Part 2 standard in the ISA-99 series, Establishing an Industrial Automation and Control Systems Security Program, is being prepared for its own second committee ballot in the coming months. This standard will provide guidance for developing a program for the security of industrial automation and control systems-including detailed guidance on process activities and key elements for establishing a cyber security management system.
In addition to the work on the Part 1 and Part 2 standards, ISA-SP99 has also established a new working group to develop a further standard in the series, Specific Security Requirements for Industrial Automation and Control Systems. This standard will define the characteristics of industrial automation and control systems that differentiate them from other information technology systems from a security point of view. Based on these characteristics, the standard will establish the security requirements that are unique to this class of systems. Valuable technical input into this standard is anticipated from related work within the International Electrotechnical Commission (IEC). Valuable input and support is also expected from key U.S. government entities including the Department of Homeland Security, the Department of Energy, Idaho National Laboratory, and the National Institute for Standards and Technology - all of which have provided vital support throughout the ISA-SP99 initiative.
Beyond its work on the initial standards in the ISA-99 series, the committee is also planning to release a revised and updated technical report, first published in 2004, for committee vote. This technical report, Security Technologies for Industrial Automation and Controls Systems, focuses on identifying and evaluating currently available technologies for control systems security, covering areas including:
Each technology is discussed in terms of security vulnerabilities addressed by the technology, typical deployment, known issues and weaknesses, use in the industrial automation and control systems environment, future directions, recommendations and guidance, and references.
"This document is intended to document the known state-of-the-art of cyber security technologies as applied to the industrial automation and control systems environment," said technical report working group co-chair Eric Byres of Byres Security. "We're going to clearly define what can reasonably be deployed today, and identify areas where more research is needed."
"ISA-SP99 is doing an amazing amount of high-quality work," stated committee chair Bryan Singer of FluidIQs. "These standards and guidelines will truly make a difference in industrial automation and control systems security, and we're committed to continuing our progress."
ISA's SP99 committee has over 250 members representing a variety of companies, organizations and expertise from across industry, government, and academia. The committee is focused on industrial automation and control systems whose compromise could result in endangerment of the public or employees, regulatory violations, loss of proprietary or confidential information, and national security risks. The concept of manufacturing and control systems electronic security is applied in the broadest possible sense, encompassing all types of plants, facilities, and systems in all industries.
Founded in 1945, ISA is a leading, global, nonprofit organization that is setting the standard for automation by helping over 30,000 worldwide members and other professionals solve difficult technical problems, while enhancing their leadership and personal career capabilities. Based in Research Triangle Park, North Carolina, ISA develops standards; certifies industry professionals; provides education and training; publishes books and technical articles; and hosts the largest conference and exhibition for automation professionals in the Western Hemisphere. ISA is the founding sponsor of The Automation Federation.
MORE INDUSTRY NEWS
Teradyne announces Jürgen von Hollen as Universal Robots president
Mr. von Hollen was most recently the Executive President of the Engineering Solutions Division, which includes the Automation and Controls business...
OpenSky and TÜV Rheinland to join RSA SecurWorld partner program
The relationship will combine RSA's RSA Archer GRC Suite of business risk management solutions with and TÜV Rheinland’s and OpenSky's expertise...
Antaira partners with Simantec to expand to Brazil
Simantec Automation has expanded their branch offices in Santos, São Paulo, Brazil, as an official distributor partner of Antaira, in order to...
Siemens to highlight IIoT applications at SPS IPC Drives 2016
Working together with customers from both the discrete manufacturing and process industry, Siemens is developing new solutions for plant and...
Inductive Automation announces six winners of 2016 Firebrand Awards
The Ignition Firebrand Awards recognize system integrators and industrial organizations that use the Ignition software platform to create...
Northeast Tool chooses Epicor ERP to improve resource management
One of the biggest drivers that prompted a search for a new ERP system was the need to interact with other systems across the company, in addition...
Werum's PAS-X MES turns Turkish pharma manufacturer digital
Mustafa Nevzat Pharmaceuticals has successfully taken Werum’s PAS-X Weighing & Dispensing into operation at their main manufacturing site in...
GE to help Spirit Aerosystems forward to the Industrial Internet
Looking to increase production of critical aviation industry products, Spirit AeroSystems will implement Efficiency Analyzer on Predix, GE’s...
Leading2Lean cloud-based solutions helps food company save $2M
West Liberty Foods, based in West Liberty, Iowa, saved $2 million in maintenance costs with Leading2Lean through greater visibility to where money...
The Inside Story: Visualizing Column Hydraulic Behavior and the Product Ecosystem
By Jennifer Dyment, AspenTech
We all want the inside story. Greater visibility into asset performance can help chemical and energy companies gain...