Безопасность информационных технологий (Jun 2020)
Development of secure architectures for process control systems
Abstract
The IEC 62443 standard is the main document describing the requirements for building secure industrial control systems. However, a number of aspects are not properly described or not sufficiently detailed in the standard, and require additional detail for a proper implementation. In particular, the paper highlights main stages of secure industrial control systems architecture development. Secure architecture development approach is based on the “zones and conduits” concept and includes detailed description of inventory stage and zones and conduits determination. Considering that emergency shutdown systems (safety systems) are the key element preventing assets from major accidents, special attention is paid to its integration with control systems. Several integration methods are described with its advantages and disadvantages noted. Recommendations for the practical implementation of the proposed methodology are given.
Keywords