Remerciez-le!

Remerciez @Admin pour avoir partagé cet document gratuitement, de la manière la plus simple, en partageant sur les réseaux sociaux.

Info iec62443 3 2 ed1 0 b This is a preview - click here to buy the full publication INTERNATIONAL STANDARD NORME INTERNATIONALE IEC - - Edition - colour inside Security for industrial automation and control systems ?? Part - Security risk assessment for

This is a preview - click here to buy the full publication INTERNATIONAL STANDARD NORME INTERNATIONALE IEC - - Edition - colour inside Security for industrial automation and control systems ?? Part - Security risk assessment for system design Sécurité des systèmes d'automatisation et de commande industriels ?? Partie - Évaluation des risques de sécurité pour la conception des systèmes INTERNATIONAL ELECTROTECHNICAL COMMISSION COMMISSION ELECTROTECHNIQUE INTERNATIONALE ICS ISBN - - - - Warning Make sure that you obtained this publication from an authorized distributor Attention Veuillez vous assurer que vous avez obtenu cette publication via un distributeur agréé Registered trademark of the International Electrotechnical Commission Marque déposée de la Commission Electrotechnique Internationale CThis is a preview - click here to buy the full publication ?? ?? IEC - - ? IEC CONTENTS FOREWORD INTRODUCTION Scope Normative references Terms de ?nitions abbreviated terms acronyms and conventions Terms and de ?nitions Abbreviated terms and acronyms Conventions Zone conduit and risk assessment requirements Overview ZCR Identify the SUC ZCR Identify the SUC perimeter and access points ZCR Initial cyber security risk assessment ZCR Perform initial cyber security risk assessment ZCR Partition the SUC into zones and conduits Overview ZCR Establish zones and conduits ZCR Separate business and IACS assets ZCR Separate safety related assets ZCR Separate temporarily connected devices ZCR Separate wireless devices ZCR Separate devices connected via external networks ZCR Risk comparison Overview ZCR Compare initial risk to tolerable risk ZCR Perform a detailed cyber security risk assessment Overview ZCR Identify threats ZCR Identify vulnerabilities ZCR Determine consequence and impact ZCR Determine unmitigated likelihood ZCR Determine unmitigated cyber security risk ZCR Determine SL-T ZCR Compare unmitigated risk with tolerable risk ZCR Identify and evaluate existing countermeasures ZCR Reevaluate likelihood and impact ZCR Determine residual risk ZCR Compare residual risk with tolerable risk ZCR Identify additional cyber security countermeasures ZCR Document and communicate results ZCR Document cyber security requirements assumptions and constraints Overview ZCR Cyber security requirements speci ?cation ZCR SUC description ZCR Zone and conduit drawings ZCR Zone and conduit characteristics ZCR Operating environment assumptions CThis is a preview - click here to buy the full publication IEC - - ? IEC ?? ?? ZCR Threat environment ZCR Organizational security policies ZCR Tolerable risk ZCR Regulatory requirements ZCR Asset owner approval Overview ZCR Attain asset owner approval Annex A informative Security levels Annex B informative Risk matrices Bibliography Figure ?? Work ow diagram outlining the primary steps required to establish zones and conduits as well as to assess risk Figure ?? Detailed cyber security risk assessment work ow per zone or conduit Table B ?? Example of a x risk matrix Table B ?? Example of likelihood scale Table B ?? Example of consequence or severity scale Table B ?? Example of a simple x risk matrix Table B ?? Example of a x risk matrix Table B ?? Example of a x matrix CThis is a preview - click here to buy the full publication ?? ?? IEC - - ?