International Standards and Conformity Assessment for all electrical, electronic and related technologies

Cyber security

IEC International Standards together with testing and certification (conformity assessment) are important tools for a successful cyber security strategy. They need to be incorporated into an overarching strategy that includes people, processes and technology.

 

Cyber security

Brochure overview

pdf file 841 KB

 

IEC and cyber security

Presentation overview

pdf file 13.4 MB

 

 

 

ABC of cyber security

Presentation overview

pdf file 4.5 MB

 

 

 

 

Horizontal Standards

The ISO/IEC Joint Technical Committee (JTC1 ) develops the ISO/IEC 27000 family of Standards for information technology (IT) systems. IEC Technical Committee 65 (TC 65) has created IEC 62443 for operational technology found in industrial and critical infrastructure, including but not restricted to power utilities, water management systems, healthcare and transport systems. These are horizontal standards, which are technology independent and can be applied across many technical areas.

 

Vertical Standards

Vertical Standards are designed to meet specific technical needs, for example in the energy sector, manufacturing, healthcare or shipping, among others. Several technical committees (TCs) and subcommittees (SCs) prepare International Standards that protect specific domains and keep industry and critical infrastructure assets safe. Here is a short selection:

 

IEC SC  45A

IEC 62645

protection of microprocessor-based information and control systems in nuclear power plants

Nuclear power plants (NPPs)

IEC 62859

framework for managing the interactions between safety and cyber security.

IEC TC 57

IEC 61850

series of publications for communication networks and systems for power utility automation

Electric power utilities

IEC 60870

series for telecontrol equipment and systems

IEC SC 62A

ISO/IEC 80001
(via Joint Working Group with ISO)

risk management for IT-networks incorporating medical devices

Healthcare

IEC TC 65

IEC 62443

series of publications that specify security requirements for industrial automation and control systems (IACS)

Industry

IEC TC 80

IEC 61162

series for maritime navigation and radiocommunication equipment and systems

Shipping

Related publications and brochures

Brochure (e-tech articles): Protecting critical infrastructure – EN

Brochure overview

pdf file 2.29 MB

 

Conformity Assessment

IECEE has created global certification services based on the IEC 62443 series.

 

Standards provide written instructions. Testing and certification (conformity assessment) verifies that these instructions are properly applied in real-world technical systems.

 

The IEC runs four conformity assessment systems with up to 54 member countries. In the area of cyber security, IECEE currently plays the lead role in providing services based on the IEC 62443 series of Standards. IECEE Industrial Cyber Security Programme was created to test and certify cyber security in the industrial automation sector.

 

The IECEE “operational document” OD-2061 describes how conformity assessment can be applied to the IEC 62443 series.

 

 

 

 

 

Related e-tech articles