Drives and Controls Magazine
Home
Menu

US standard tackles cyber-security for automation

03 January, 2008

A new American National Standard addresses the issue of cyber-security for industrial automation and control systems (IACSs). It has been published by the ISA, along with an updated technical report which assesses currently available cyber-security tools, counter-measures, and technologies.

The new standard, ANSI/ISA-99.00.01-2007, Security for industrial automation and control systems. Part 1: Terminology, concepts, and models, is the first in a series of standards that will address this topic. Part 1 will serve as the foundation for additional standards currently under development.

The guidelines in the accompanying technical report (Security Technologies for Industrial Automation and Control Systems) apply to existing and new IACSs used to regulate and monitor numerous industries and critical infrastructures.

The report describes key categories of cyber-security technologies, the types of product available in each category, and the pros and cons of using those products relative to expected threats and known cyber vulnerabilities. It also provides recommendations and guidance for using cyber-security products and counter-measures.

The ISA is also setting up a Security Compliance Institute which will identify and promote security standards-compliant products and systems for IACS applications. Compliant products or systems will be entitled to carry an ISASecure designation.