DSTU EN IEC 62443-4-2:2022 Security for industrial automation and control systems. Part 4-2: Technical security requirements for IACS components (EN IEC 62443-4-2:2019, IDT; IEC 62443-4-2:2019, IDT)
This is not an official publication.
The official edition is distributed by the national standardization body
(SE "UkrNDNC", http://uas.gov.ua)
Contents
Forewords
Introduction
1 Scope
2 Normative references
3 Terms, definitions, abbreviated terms, acronyms, and conventions
3.1 Terms and definitions
3.2 Abbreviated terms and acronyms
3.3 Conventions
4 Common component security constraints
4.1 Overview
4.2 CCSC 1: Support of essential functions
4.3 CCSC 2: Compensating countermeasures
4.4 CCSC 3: Least privilege
4.5 CCSC 4: Software development process
5 FR 1 - Identification and authentication control
5.1 Purpose and SL-C(IAC) descriptions
5.2 Rationale
5.3 CR 1.1 - Human user identification and authentication
5.3.1 Requirement
5.3.2 Rationale and supplemental guidance
5.3.3 Requirement enhancements
5.3.4 Security levels
5.4 CR 1.2 - Software process and device identification and authentication
5.4.1 Requirement
5.4.2 Rationale and supplemental guidance
5.4.3 Requirement enhancements
5.4.4 Security levels
5.5 CR 1.3 - Account management
5.5.1 Requirement
5.5.2 Rationale and supplemental guidance
5.5.3 Requirement enhancements
5.5.4 Security levels
5.6 CR 1.4 - Identifier management
5.6.1 Requirement
5.6.2 Rationale and supplemental guidance
5.6.3 Requirement enhancements
5.6.4 Security levels
5.7 CR 1.5 - Authenticator management
5.7.1 Requirement
5.7.2 Rationale and supplemental guidance
5.7.3 Requirement enhancements
5.7.4 Security levels
5.8 CR 1.6 - Wireless access management
5.9 CR 1.7 - Strength of password-based authentication
5.9.1 Requirement
5.9.2 Rationale and supplemental guidance
5.9.3 Requirement enhancements
5.9.4 Security levels
5.10 CR 1.8 - Public key infrastructure certificates
5.10.1 Requirement
5.10.2 Rationale and supplemental guidance
5.10.3 Requirement enhancements
5.10.4 Security levels
5.11 CR 1.9 - Strength of public key-based authentication
5.11.1 Requirement
5.11.2 Rationale and supplemental guidance
5.11.3 Requirement enhancements
5.11.4 Security levels
5.12 CR 1.10 - Authenticator feedback
5.12.1 Requirement
5.12.2 Rationale and supplemental guidance
5.12.3 Requirement enhancements
5.12.4 Security levels
5.13 CR 1.11 - Unsuccessful login attempts
5.13.1 Requirement
5.13.2 Rationale and supplemental guidance
5.13.3 Requirement enhancements
5.13.4 Security levels
5.14 CR 1.12 - System use notification
5.14.1 Requirement
5.14.2 Rationale and supplemental guidance
5.14.3 Requirement enhancements
5.14.4 Security levels
5.15 CR 1.13 - Access via untrusted networks
5.16 CR 1.14 - Strength of symmetric key-based authentication
5.16.1 Requirement
5.16.2 Rationale and supplemental guidance
5.16.3 Requirement enhancements
5.16.4 Security levels
6 FR 2 - Use control
6.1 Purpose and SL-C(UC) descriptions
6.2 Rationale
6.3 CR 2.1 - Authorization enforcement
6.3.1 Requirement
6.3.2 Rationale and supplemental guidance
6.3.3 Requirement enhancements
6.3.4 Security levels
6.4 CR 2.2 - Wireless use control
6.4.1 Requirement
6.4.2 Rationale and supplemental guidance
6.4.3 Requirement enhancements
6.4.4 Security levels
6.5 CR 2.3 - Use control for portable and mobile devices
6.6 CR 2.4 - Mobile code
6.7 CR 2.5 - Session lock
6.7.1 Requirement
6.7.2 Rationale and supplemental guidance
6.7.3 Requirement enhancements
6.7.4 Security levels
6.8 CR 2.6 - Remote session termination
6.8.1 Requirement
6.8.2 Rationale and supplemental guidance
6.8.3 Requirement enhancements
6.8.4 Security levels
6.9 CR 2.7 - Concurrent session control
6.9.1 Requirement
6.9.2 Rationale and supplemental guidance
6.9.3 Requirement enhancements
6.9.4 Security levels
6.10 CR 2.8 - Auditable events
6.10.1 Requirement
6.10.2 Rationale and supplemental guidance
6.10.3 Requirement enhancements
6.10.4 Security levels
6.11 CR 2.9 - Audit storage capacity
6.11.1 Requirement
6.11.2 Rationale and supplemental guidance
6.11.3 Requirement enhancements
6.11.4 Security levels
6.12 CR 2.10 - Response to audit processing failures
6.12.1 Requirement
6.12.2 Rationale and supplemental guidance
6.12.3 Requirement enhancements
6.12.4 Security levels
6.13 CR 2.11 - Timestamps
6.13.1 Requirement
6.13.2 Rationale and supplemental guidance
6.13.3 Requirement enhancements
6.13.4 Security levels
6.14 CR 2.12 - Non-repudiation
6.14.1 Requirement
6.14.2 Rationale and supplemental guidance
6.14.3 Requirement enhancements
6.14.4 Security levels
6.15 CR 2.13 - Use of physical diagnostic and test interfaces
7 FR 3 - System integrity
7.1 Purpose and SL-C(SI) descriptions
7.2 Rationale
7.3 CR 3.1 - Communication integrity
7.3.1 Requirement
7.3.2 Rationale and supplemental guidance
7.3.3 Requirement enhancements
7.3.4 Security levels
7.4 CR 3.2 - Protection from malicious code
7.5 CR 3.3 - Security functionality verification
7.5.1 Requirement
7.5.2 Rationale and supplemental guidance
7.5.3 Requirement enhancements
7.5.4 Security levels
7.6 CR 3.4 - Software and information integrity
7.6.1 Requirement
7.6.2 Rationale and supplemental guidance
7.6.3 Requirement enhancements
7.6.4 Security levels
7.7 CR 3.5 - Input validation
7.7.1 Requirement
7.7.2 Rationale and supplemental guidance
7.7.3 Requirement enhancements
7.7.4 Security levels
7.8 CR 3.6 - Deterministic output
7.8.1 Requirement
7.8.2 Rationale and supplemental guidance
7.8.3 Requirement enhancements
7.8.4 Security levels
7.9 CR 3.7 - Error handling
7.9.1 Requirement
7.9.2 Rationale and supplemental guidance
7.9.3 Requirement enhancements
7.9.4 Security levels
7.10 CR 3.8 - Session integrity
7.10.1 Requirement
7.10.2 Rationale and supplemental guidance
7.10.3 Requirement enhancements
7.10.4 Security levels
7.11 CR 3.9 - Protection of audit information
7.11.1 Requirement
7.11.2 Rationale and supplemental guidance
7.11.3 Requirement enhancements
7.11.4 Security levels
7.12 CR 3.10 - Support for updates
7.13 CR 3.11 - Physical tamper resistance and detection
7.14 CR 3.12 - Provisioning product supplier roots of trust
7.15 CR 3.13 - Provisioning asset owner roots of trust
7.16 CR 3.14 - Integrity of the boot process
8 FR 4 - Data confidentiality
8.1 Purpose and SL-C(DC) descriptions
8.2 Rationale
8.3 CR 4.1 - Information confidentiality
8.3.1 Requirement
8.3.2 Rationale and supplemental guidance
8.3.3 Requirement enhancements
8.3.4 Security levels
8.4 CR 4.2 - Information persistence
8.4.1 Requirement
8.4.2 Rationale and supplemental guidance
8.4.3 Requirement enhancements
8.4.4 Security levels
8.5 CR 4.3 - Use of cryptography
8.5.1 Requirement
8.5.2 Rationale and supplemental guidance
8.5.3 Requirement enhancements
8.5.4 Security levels
9 FR 5 - Restricted data flow
9.1 Purpose and SL-C(RDF) descriptions
9.2 Rationale
9.3 CR 5.1 - Network segmentation
9.3.1 Requirement
9.3.2 Rationale and supplemental guidance
9.3.3 Requirement enhancements
9.3.4 Security levels
9.4 CR 5.2 - Zone boundary protection
9.5 CR 5.3 - General-purpose person-to-person communication restrictions
9.6 CR 5.4 - Application partitioning
10 FR 6 - Timely response to events
10.1 Purpose and SL-C(TRE) descriptions
10.2 Rationale
10.3 CR 6.1 - Audit log accessibility
10.3.1 Requirement
10.3.2 Rationale and supplemental guidance
10.3.3 Requirement enhancements
10.3.4 Security levels
10.4 CR 6.2 - Continuous monitoring
10.4.1 Requirement
10.4.2 Rationale and supplemental guidance
10.4.3 Requirement enhancements
10.4.4 Security levels
11 FR 7 - Resource availability
11.1 Purpose and SL-C(RA) descriptions
11.2 Rationale
11.3 CR 7.1 - Denial of service protection
11.3.1 Requirement
11.3.2 Rationale and supplemental guidance
11.3.3 Requirement enhancements
11.3.4 Security levels
11.4 CR 7.2 - Resource management
11.4.1 Requirement
11.4.2 Rationale and supplemental guidance
11.4.3 Requirement enhancements
11.4.4 Security levels
11.5 CR 7.3 - Control system backup
11.5.1 Requirement
11.5.2 Rationale and supplemental guidance
11.5.3 Requirement enhancements
11.5.4 Security levels
11.6 CR 7.4 - Control system recovery and reconstitution
11.6.1 Requirement
11.6.2 Rationale and supplemental guidance
11.6.3 Requirement enhancements
11.6.4 Security levels
11.7 CR 7.5 - Emergency power
11.8 CR 7.6 - Network and security configuration settings
11.8.1 Requirement
11.8.2 Rationale and supplemental guidance
11.8.3 Requirement enhancements
11.8.4 Security levels
11.9 CR 7.7 - Least functionality
11.9.1 Requirement
11.9.2 Rationale and supplemental guidance
11.9.3 Requirement enhancements
11.9.4 Security levels
11.10 CR 7.8 - Control system component inventory
11.10.1 Requirement
11.10.2 Rationale and supplemental guidance
11.10.3 Requirement enhancements
11.10.4 Security levels
12 Software application requirements
12.1 Purpose
12.2 SAR 2.4 - Mobile code
12.2.1 Requirement
12.2.2 Rationale and supplemental guidance
12.2.3 Requirement enhancements
12.2.4 Security levels
12.3 SAR 3.2 - Protection from malicious code
12.3.1 Requirement
12.3.2 Rationale and supplemental guidance
12.3.3 Requirement enhancements
12.3.4 Security levels
13 Embedded device requirements
13.1 Purpose
13.2 EDR 2.4 - Mobile code
13.2.1 Requirement
13.2.2 Rationale and supplemental guidance
13.2.3 Requirement enhancements
13.2.4 Security levels
13.3 EDR 2.13 - Use of physical diagnostic and test interfaces
13.3.1 Requirement
13.3.2 Rationale and supplemental guidance
13.3.3 Requirement enhancements
13.3.4 Security levels
13.4 EDR 3.2 - Protection from malicious code
13.4.1 Requirement
13.4.2 Rationale and supplemental guidance
13.4.3 Requirement enhancements
13.4.4 Security levels
13.5 EDR 3.10 - Support for updates
13.5.1 Requirement
13.5.2 Rationale and supplemental guidance
13.5.3 Requirement enhancements
13.5.4 Security levels
13.6 EDR 3.11 - Physical tamper resistance and detection
13.6.1 Requirement
13.6.2 Rationale and supplemental guidance
13.6.3 Requirement enhancements
13.6.4 Security levels
13.7 EDR 3.12 - Provisioning product supplier roots of trust
13.7.1 Requirement
13.7.2 Rationale and supplemental guidance
13.7.3 Requirement enhancements
13.7.4 Security levels
13.8 EDR 3.13 - Provisioning asset owner roots of trust
13.8.1 Requirement
13.8.2 Rationale and supplemental guidance
13.8.3 Requirement enhancements
13.8.4 Security levels
13.9 EDR 3.14 - Integrity of the boot process
13.9.1 Requirement
13.9.2 Rationale and supplemental guidance
13.9.3 Requirement enhancements
13.9.4 Security levels
14 Host device requirements
14.1 Purpose
14.2 HDR 2.4 - Mobile code
14.2.1 Requirement
14.2.2 Rationale and supplemental guidance
14.2.3 Requirement enhancements
14.2.4 Security levels
14.3 HDR 2.13 - Use of physical diagnostic and test interfaces
14.3.1 Requirement
14.3.2 Rationale and supplemental guidance
14.3.3 Requirement enhancements
14.3.4 Security levels
14.4 HDR 3.2 - Protection from malicious code
14.4.1 Requirement
14.4.2 Rationale and supplemental guidance
14.4.3 Requirement enhancements
14.4.4 Security levels
14.5 HDR 3.10 - Support for updates
14.5.1 Requirement
14.5.2 Rationale and supplemental guidance
14.5.3 Requirement enhancements
14.5.4 Security levels
14.6 HDR 3.11 - Physical tamper resistance and detection
14.6.1 Requirement
14.6.2 Rationale and supplemental guidance
14.6.3 Requirement enhancements
14.6.4 Security levels
14.7 HDR 3.12 - Provisioning product supplier roots of trust
14.7.1 Requirement
14.7.2 Rationale and supplemental guidance
14.7.3 Requirement enhancements
14.7.4 Security levels
14.8 HDR 3.13 - Provisioning asset owner roots of trust
14.8.1 Requirement
14.8.2 Rationale and supplemental guidance
14.8.3 Requirement enhancements
14.8.4 Security levels
14.9 HDR 3.14 - Integrity of the boot process
14.9.1 Requirement
14.9.2 Rationale and supplemental guidance
14.9.3 Requirement enhancements
14.9.4 Security levels
15 Network device requirements
15.1 Purpose
15.2 NDR 1.6 - Wireless access management
15.2.1 Requirement
15.2.2 Rationale and supplemental guidance
15.2.3 Requirement enhancements
15.2.4 Security levels
15.3 NDR 1.13 - Access via untrusted networks
15.3.1 Requirement
15.3.2 Rationale and supplemental guidance
15.3.3 Requirement enhancements
15.3.4 Security levels
15.4 NDR 2.4 - Mobile code
15.4.1 Requirement
15.4.2 Rationale and supplemental guidance
15.4.3 Requirement enhancements
15.4.4 Security levels
15.5 NDR 2.13 - Use of physical diagnostic and test interfaces
15.5.1 Requirement
15.5.2 Rationale and supplemental guidance
15.5.3 Requirement enhancements
15.5.4 Security levels
15.6 NDR 3.2 - Protection from malicious code
15.6.1 Requirement
15.6.2 Rationale and supplemental guidance
15.6.3 Requirement enhancements
15.6.4 Security levels
15.7 NDR 3.10 - Support for updates
15.7.1 Requirement
15.7.2 Rationale and supplemental guidance
15.7.3 Requirement enhancements
15.7.4 Security levels
15.8 NDR 3.11 - Physical tamper resistance and detection
15.8.1 Requirement
15.8.2 Rationale and supplemental guidance
15.8.3 Requirement enhancements
15.8.4 Security levels
15.9 NDR 3.12 - Provisioning product supplier roots of trust
15.9.1 Requirement
15.9.2 Rationale and supplemental guidance
15.9.3 Requirement enhancements
15.9.4 Security levels
15.10 NDR 3.13 - Provisioning asset owner roots of trust
15.10.1 Requirement
15.10.2 Rationale and supplemental guidance
15.10.3 Requirement enhancements
15.10.4 Security levels
15.11 NDR 3.14 - Integrity of the boot process
15.11.1 Requirement
15.11.2 Rationale and supplemental guidance
15.11.3 Requirement enhancements
15.11.4 Security levels
15.12 NDR 5.2 - Zone boundary protection
15.12.1 Requirement
15.12.2 Rationale and supplemental guidance
15.12.3 Requirement enhancements
15.12.4 Security levels
15.13 NDR 5.3 - General purpose, person-to-person communication restrictions
15.13.1 Requirement
15.13.2 Rationale and supplemental guidance
15.13.3 Requirement enhancements
15.13.4 Security levels
Annex A (informative) Device categories
A.1 General
A.2 Device category: embedded device
A.2.1 Programmable logic controller (PLC)
A.2.2 Intelligent electronic device (IED)
A.3 Device category: network device
A.3.1 Switch
A.3.2 Virtual private network (VPN) terminator
A.4 Device category: host device/application
A.4.1 Operator workstation
A.4.2 Data historian
Annex B (informative) Mapping of CRs and REs to FR SLs 1-4
B.1 Overview
B.2 SL mapping table
Bibliography