civilinfrastructureplatform:cip-cybersecurity
Differences
This shows you the differences between two versions of the page.
| Both sides previous revision Previous revision Next revision | Previous revision | ||
|
civilinfrastructureplatform:cip-cybersecurity [2018/04/16 06:57] SZLin |
civilinfrastructureplatform:cip-cybersecurity [2019/08/26 08:19] (current) yoshidak [Cyber security standard for industry (IEC62443-4)] |
||
|---|---|---|---|
| Line 3: | Line 3: | ||
| This wiki page describes the policies and recommendations with Cyber security standard for industry (IEC62443-4), in order to meet Industrial Grade requirements. | This wiki page describes the policies and recommendations with Cyber security standard for industry (IEC62443-4), in order to meet Industrial Grade requirements. | ||
| + | Note: This page shows the results of previous investigation on IEC62443-4. The latest information is shared on the [[civilinfrastructureplatform:cip-security|CIP Security working group]] page. | ||
| ===== Cyber security certificate ===== | ===== Cyber security certificate ===== | ||
| Line 13: | Line 14: | ||
| An embedded device that meets the requirements of the ISASecure EDSA specification earns the ISASecure EDSA certification; a trademarked designation that provides instant recognition of product security characteristics and capabilities, and provides an independent industry stamp of approval similar to a ‘Safety Integrity Level’ Certification (ISO/IEC 61508). | An embedded device that meets the requirements of the ISASecure EDSA specification earns the ISASecure EDSA certification; a trademarked designation that provides instant recognition of product security characteristics and capabilities, and provides an independent industry stamp of approval similar to a ‘Safety Integrity Level’ Certification (ISO/IEC 61508). | ||
| - | ISASecure EDSA is a certification program for embedded devices, where a product is considered to be an embedded device if it satisfies the definition provided in 3.1.18 of EDSA-100. (Embedded device: special purpose device running embedded software designed to directly monitor, control or actuate an industrial process). The elements of an EDSA certification are illustrated in Figure 1 below. | + | ISASecure EDSA is a certification program for embedded devices, where a product is considered to be an embedded device if it satisfies the definition provided in 3.1.18 of EDSA-100. (Embedded device: special purpose device running embedded software designed to directly monitor, control or actuate an industrial process). |
| In order to obtain ISASecure EDSA certification, a supplier must pass a security development lifecycle process assessment (SDLPA). Based upon this assessment, an ISASecure SDLA process certification is granted as described in SDLA-100. A supplier may already hold an SDLA process certification when they apply for an EDSA certification, or may apply for EDSA and SDLA certification in parallel. ISASecure certification of embedded devices has three additional elements: | In order to obtain ISASecure EDSA certification, a supplier must pass a security development lifecycle process assessment (SDLPA). Based upon this assessment, an ISASecure SDLA process certification is granted as described in SDLA-100. A supplier may already hold an SDLA process certification when they apply for an EDSA certification, or may apply for EDSA and SDLA certification in parallel. ISASecure certification of embedded devices has three additional elements: | ||
| - | · Security Development Artifacts for embedded devices (SDA-E); | + | * Security Development Artifacts for embedded devices (SDA-E); |
| - | · Functional Security Assessment for embedded devices (FSA-E); and | + | * Functional Security Assessment for embedded devices (FSA-E); and |
| - | · Embedded device robustness testing (ERT). | + | * Embedded device robustness testing (ERT). |
| - | SDLPA and SDA-E both assess development process, hence are grouped under "Security Development Assessment" in Figure 1 below. SDA-E examines the artifacts that are the outputs of the supplier’s security development processes as they apply to the embedded device to be certified. FSA-E examines the security capabilities of the device, while recognizing that in some cases security functionality may be allocated to other components of the device’s overall system environment. | + | SDLPA and SDA-E both assess development process, hence are grouped under "Security Development Assessment". SDA-E examines the artifacts that are the outputs of the supplier’s security development processes as they apply to the embedded device to be certified. FSA-E examines the security capabilities of the device, while recognizing that in some cases security functionality may be allocated to other components of the device’s overall system environment. |
| ERT has two major elements - Vulnerability Identification Testing (VIT) and Communication Robustness Testing (CRT). VIT scans the device for the presence of known vulnerabilities. CRT examines the capability of the device to adequately maintain essential functions while being subjected to normal and erroneous network protocol traffic at normal to extremely high traffic rates (flood conditions). | ERT has two major elements - Vulnerability Identification Testing (VIT) and Communication Robustness Testing (CRT). VIT scans the device for the presence of known vulnerabilities. CRT examines the capability of the device to adequately maintain essential functions while being subjected to normal and erroneous network protocol traffic at normal to extremely high traffic rates (flood conditions). | ||
| Line 28: | Line 29: | ||
| All levels of certification include the certification elements above. The SDLPA and SDA-S assessments are the same for all certification levels with the exception of allowable residual risk for known security issues. FSA-E and VIT increase in rigor for levels greater than 1; pass/fail criteria for VIT reference applicable FSA-E requirements. CRT criteria are the same regardless of certification level. | All levels of certification include the certification elements above. The SDLPA and SDA-S assessments are the same for all certification levels with the exception of allowable residual risk for known security issues. FSA-E and VIT increase in rigor for levels greater than 1; pass/fail criteria for VIT reference applicable FSA-E requirements. CRT criteria are the same regardless of certification level. | ||
| + | |||
| + | == Embedded Device Security Assurance (EDSA) Certification Scheme Description == | ||
| + | |||
| + | * {{ :civilinfrastructureplatform:edsa-100-certification-scheme_v3_3_.pdf |EDSA-100 ISASecure Certification Scheme v3.3}} | ||
| + | |||
| + | - Security Development Lifecycle Process Assessment (SDLPA) | ||
| + | - Security Development Artifacts for embedded devices (SDA-E) | ||
| + | - Functional Security Assessment for embedded devices (FSA-E) | ||
| + | - Embedded device robustness testing (ERT) | ||
civilinfrastructureplatform/cip-cybersecurity.1523861837.txt.gz · Last modified: 2018/04/16 06:57 by SZLin
Page Tools
Except where otherwise noted, content on this wiki is licensed under the following license: CC Attribution-Noncommercial-Share Alike 4.0 International
