IEC 62443 – Industrial Cybersecurity Standard
IEC 62443 is the leading global cybersecurity standard specifically designed for Industrial Automation and Control Systems (ICS/OT).
Application Domains
The standard is tailored for high-stakes environments where security and reliability are paramount, including:
- Power plants
- Manufacturing facilities
- Oil and gas infrastructure
- Water and transportation systems
Zone and Conduit Security Model
This model is fundamental to limiting the impact of potential breaches and preventing lateral movement within industrial networks:
- Zones: Group assets together based on similar security needs and requirements.
- Conduits: Control and secure all communication flows between different zones.
Security Levels (SL)
Products and systems are certified against four distinct levels of protection capability:
- SL-1: Basic protection against casual or coincidental violations.
- SL-2: Protection against common cyber threats and intentional violations.
- SL-3: Protection against skilled attackers utilizing sophisticated tools.
- SL-4: Protection against highly resourced attackers with advanced skillsets.