International Electrotechnical Commission

The IEC 62443 series was developed to secure industrial automation and control systems (IACS) throughout their lifecycle. It currently includes nine standards, technical reports, and technical specifications. The standard is divided into different sections and describes both technical and process-related aspects of automation and control systems cybersecurity.

Technical requirements for systems (IEC 62443-3-3) and products (IEC 62443-4-2) are evaluated in the standard by four Security Levels (SL):

• Security Level 0: No special requirement or protection is required.
• Security Level 1: Protection against unintentional or accidental misuse.
• Security Level 2: Protection against intentional misuse by simple means with few resources, general skills, and low motivation.
• Security Level 3: Protection against intentional misuse by sophisticated means with moderate resources, IACS-specific knowledge, and moderate motivation.
• Security Level 4: Protection against intentional misuse using sophisticated means with extensive resources, IACS-specific knowledge, and high motivation.

Elisity Cognitive Trust enables continuous threat detection through continuous identity verification and access authorization based on explicit policies that are enforced at the OSI L2, L3, and L4 using existing switching infrastructure as policy enforcement points.

The platform integrates with leading OT device identity and telemetry vendors to enrich policy information points, and more granularly manage risk. The solution ensures that specific OT communications protocols (i.e., Modbus) are allowed between devices and respective control systems, virtually isolating headless devices from malicious network traffic.

Get in touch with us about your IEC 62443 compliance-related project and learn how you can accelerate it with Elisity Cognitive Trust.