Preview

BS PD IEC/TR 62443-2-3:2015

Security for industrial automation and control systems-Patch management in the IACS environment

BSI Group , 07/31/2015

$184.00 $368.30
BS PD IEC/TR 62443-2-3:2015, which is a Technical Report, describes requirements for asset ownersand industrial automation and control system (IACS) product suppliers that have establishedand are now maintaining an IACS patch management program.This Technical Report recommends a defined format for the distribution of information aboutsecurity patches from asset owners to IACS product suppliers, a definition of some of theactivities associated with the development of the patch information by IACS product suppliersand deployment and installation of the patches by asset owners. The exchange format andactivities are defined for use in security related patches; however, it may also be applicablefor non-security related patches or updates.The Technical Report does not differentiate between patches made available for the operatingsystems (OSs), applications or devices. It does not differentiate between the productsuppliers that supply the infrastructure components or the IACS applications; it providesguidance for all patches applicable to the IACS. Additionally, the type of patch can be for theresolution of bugs, reliability issues, operability issues or security vulnerabilities.NOTE 1 This Technical Report does not provide guidance on the ethics and approaches for the discovery anddisclosure of security vulnerabilities affecting IACS. This is a general issue outside the scope of this report.NOTE 2 This Technical Report does not provide guidance on the mitigation of vulnerabilities in the periodbetween when the vulnerability is discovered and the date that the patch resolving the vulnerability is created. Forguidance on multiple countermeasures to mitigate security risks as part of an IACS security management system(IACS-SMS), refer to, Annexes B.4.5, B.4.6 and B.8.5 in this Technical Report and other documents in the IEC62443 series.Cross References:IEC TS 62443-1-1IEC 62443-2-1IEC 62443-2-1IEC 62443-2-4 IEC 62443-4-1ISO 639-1:2002ISO 3166-1:2006ISO 3166-2:2007 ISO 4217:2008ISO 8601:2004ECE/TRADE/C/CEFACT/2009/24ECE/TRADE/C/CEFACT/2009/25

Product Information

Published: 07/31/2015
Pages: 66
ISBN: 9780580835445
File Size: 1 file , 2.3 MB
Language: English
Note: This product is unavailable in Ukraine, Russia, Belarus

Related Documents

BS PD CEN/TR 1030-2:2016
BS PD CEN/TR 1030-2:2016

$184.00

BS 5924:1989
BS 5924:1989

$80.00

BS 6394-2:1985
BS 6394-2:1985

$80.00

BS 3630-14:1972
BS 3630-14:1972

$37.00