
ANSI ISA 62443-2-1-2009 Security for Industrial Automation and Control Systems Establishing an Industrial Automation and Control Systems Security Program (99.02.01) "Security of industrial automation and control systems. Part.pdf

ANSI/ISA-62443-2-1 (99.02.01)-2009 (formerly designated as ANSI/ISA-99.02.01-2009)
Security for Industrial Automation and Control Systems
Part 2-1: Establishing an Industrial Automation and Control Systems Security Program

Approved 13 January 2009

Copyright 2009 ISA. All rights reserved.

ISBN: 978-1-934394-93-9

Copyright 2009 by ISA. All rights reserved. Printed in the United States of America. No part of this publication may be reproduced, stored in a retrieval system, or transmitted in any form or by any means (electronic, mechanical, photocopying, recording, or otherwise), without the prior written permission of the publisher.

ISA
67 Alexander Drive
P.O. Box 12277
Research Triangle Park, NC 27709
www.isa.org

Preface

This preface, as well as all footnotes and annexes, is included for information purposes and is not part of ANSI/ISA-62443-2-1 (99.02.01)-2009.

This document has been prepared as part of the service of ISA, the Instrumentation, Systems and Automation Society, toward a goal of uniformity in the field of instrumentation. To be of real value, this document should not be static but should be subject to periodic review. Toward this end, the Society welcomes all comments and criticisms and asks that they be addressed to the Secretary, Standards and Practices Board; ISA; 67 Alexander Drive; P. O. Box 12277; Research Triangle Park, NC 27709; Telephone (919) 549-8411; Fax (919) 549-8288; E-mail: standards@isa.org.

The ISA Standards and Practices Department is aware of the growing need for attention to the metric system of units in general and the International System of Units (SI) in particular, in the preparation of instrumentation standards. The Department is further aware of the benefits to USA users of ISA standards of incorporating suitable references to the SI (and the metric system) in their business and professional dealings with other countries. Toward this end, this Department will endeavour to introduce SI-acceptable metric units in all new and revised standards, recommended practices and technical reports to the greatest extent possible. Standard for Use of the International System of Units (SI): The Modern Metric System, published by the American Society for Testing and Materials as IEEE/ASTM SI 10-97, and future revisions, will be the reference guide for definitions, symbols, abbreviations, and conversion factors.

It is the policy of ISA to encourage and welcome the participation of all concerned individuals and interests in the development of ISA standards, recommended practices and technical reports. Participation in the ISA standards-making process by an individual in no way constitutes endorsement by the employer of that individual, of ISA or of any of the standards, recommended practices and technical reports that ISA develops.

CAUTION: ISA does not take any position with respect to the existence or validity of any patent rights asserted in connection with this document, and ISA disclaims liability for the infringement of any patent resulting from the use of this document. Users are advised that determination of the validity of any patent rights, and the risk of infringement of such rights, is entirely their own responsibility.

Pursuant to ISA's Patent Policy, one or more patent holders or patent applicants may have disclosed patents that could be infringed by use of this document and executed a Letter of Assurance committing to the granting of a license on a worldwide, non-discriminatory basis, with a fair and reasonable royalty rate and fair and reasonable terms and conditions. For more information on such disclosures and Letters of Assurance, contact ISA or visit www.isa.org/StandardsPatents.

Other patents or patent claims may exist for which a disclosure or Letter of Assurance has not been received. ISA is not responsible for identifying patents or patent applications for which a license may be required, for conducting inquiries into the legal validity or scope of patents, or determining whether any licensing terms or conditions provided in connection with submission of a Letter of Assurance, if any, or in any licensing agreements are reasonable or non-discriminatory.

ISA requests that anyone reviewing this Document who is aware of any patents that may impact implementation of the Document notify the ISA Standards and Practices Department of the patent and its owner.

Additionally, the use of this standard may involve hazardous materials, operations or equipment. The standard cannot anticipate all possible applications or address all possible safety issues associated with use in hazardous conditions. The user of this standard must exercise sound professional judgment concerning its use and applicability under the user's particular circumstances. The user must also consider the applicability of any governmental regulatory limitations and established safety and health practices before implementing this standard.

The following people served as active members of ISA99 Working Group 2 in the preparation of this standard:

Name | Company | Contributor / Reviewer
Thomas Good, WG Leader | DuPont | X
James Gilsinn, Lead Editor | NIST | X
Soloman Almadi | Saudi Aramco | X
Ken Anderson | MTS Allstream Inc. | X
Rahul Bhojani | Bayer Technology Services | X
Dennis Brandl | BR&L Consulting | X
Eric Byres | Byres Security Inc. | X
Antony Capel | Comgate Engineering Ltd. | X
Richard Clark | Invensys/Wonderware | X
Eric Cosman, ISA99 Co-Chair | The Dow Chemical Company | X
Jean-Pierre Dalzon | ISA France | X
Ronald Derynck | Verano | X
Gabriel Dimowo | Shell International | X
Robert Evans | Idaho National Laboratory | X
Donna Guillen | Idaho National Laboratory | X
Evan Hand | ConAgra Foods | X
Mark Heard | Eastman Chemical Co. | X
Marnix Haije | Shell Information Technology | X
Dave Mills | Proctor and Gamble Co. | X
Carol Muehrcke | Cyber Defense Agency LLC | X
Tom Phinney | Consultant | X X
Jeff Potter | Emerson | X
Matt Rollinson | Monsanto Co. | X
Bryan Singer, ISA99 Co-Chair | Kenexis Consulting Group | X
Martin Solum | Cyber Defense Agency LLC | X
Leon Steinocher | Fluor Enterprises | X
Ivan Susanto | Chevron Information Technology Co. | X
Brad Taylor | The George Washington University | X
Loren Uden | Lyondell Chemical Co. | X
Bob Webb | ICS Secure LLC | X
Joe Weiss | Applied Control Solutions, LLC | X
Ludwig Winkel | Siemens | X

Contents

1 Scope
2 Normative references
3 Terms, definitions, abbreviated terms, acronyms, and conventions
  3.1 Terms and definitions
  3.2 Abbreviated terms and acronyms
  3.3 Conventions
4 Elements of a cyber security management system
  4.1 Overview
  4.2 Category: Risk analysis
    4.2.1 Description of category
    4.2.2 Element: Business rationale
    4.2.3 Element: Risk identification, classification, and assessment
  4.3 Category: Addressing risk with the CSMS
    4.3.1 Description of category
    4.3.2 Element group: Security policy, organization, and awareness
    4.3.3 Element group: Selected security countermeasures
    4.3.4 Element group: Implementation
  4.4 Category: Monitoring and improving the CSMS
    4.4.1 Description of category
    4.4.2 Element: Conformance
    4.4.3 Element: Review, improve, and maintain the CSMS
Annex A (informative) Guidance for developing the elements of a CSMS
  A.1 Overview
  A.2 Category: Risk analysis
    A.2.1 Description of category
    A.2.2 Element: Business rationale
    A.2.3 Element: Risk identification, classification, and assessment
  A.3 Category: Addressing risk with the CSMS
    A.3.1 Description of category
    A.3.2 Element group: Security policy, organization, and awareness
    A.3.3 Element group: Selected security countermeasures
    A.3.4 Element group: Implementation
  A.4 Category: Monitoring and improving the CSMS
    A.4.1 Description of category
    A.4.2 Element: Conformance
    A.4.3 Element: Review, improve, and maintain the CSMS
Annex B (informative) Process to develop a CSMS
  B.1 Overview
  B.2 Description of the Process
  B.3 Activity: Initiate CSMS program
  B.4 Activity: High-level risk assessment
  B.5 Activity: Detailed risk assessment
  B.6 Activity: Establishing Security Policy, Organization, and Awareness
  B.7 Activity: Select and implement countermeasures
  B.8 Activity: Maintain the CSMS

Figure 1 - Graphical view of elements of a cyber security management system
Figure 2 - Graphical view of category: Risk analysis
Figure 3 - Graphical view of element group: Security policy, organization, and awareness
Figure 4 - Graphical view of element group: Selected security countermeasures
Figure 5 - Graphical view of element group: Implementation
Figure 6 - Graphical view of category: Monitoring and improving the CSMS
Figure A.1 - Graphical view of elements of a cyber security management system
Figure A.2 - Graphical view of category: Risk analysis
Figure A.3 - Reported attacks on computer systems through 2004 (source: CERT)
Figure A.4 - Sample logical IACS data collection sheet
Figure A.5 - Example of a graphically rich logical network diagram
Figure A.6 - Graphical view of element group: Security policy, organization, and awareness
Figure A.7 - Graphical view of element group: Selected security countermeasures
Figure A.8 - Reference architecture alignment with an example segmented architecture
Figure A.9 - Reference SCADA architecture alignment with an example segmented architecture
Figure A.10 - Access control: Account administration
Figure A.11 - Access control: Authentication
Figure A.12 - Access control: Authorization
Figure A.13 - Graphical view of element group: Implementation
Figure A.14 - Security level lifecycle model: Assess phase
Figure A.15 - Corporate security zone template architecture
Figure A.16 - Security zones for an example IACS
Figure A.17 - Security level lifecycle model: Develop and implement phase
Figure A.18 - Security level lifecycle model: Maintain phase
Figure A.19 - Graphical view of category: Monitoring and improving the CSMS
Figure B.1 - Top level activities for establishing a CSMS
Figure B.2 - Activities and dependencies for activity: Initiate CSMS program
Figure B.3 - Activities and dependencies for activity: High-level risk assessment
Figure B.4 - Activities and dependencies for activity: Detailed risk assessment
Figure B.5 - Activities and dependencies for activity: Establish policies and procedures
Figure B.6 - Training and assignment of organization responsibilities
Figure B.7 - Activities and dependencies for activity: Select and implement countermeasures
Figure B.8 - Activities and dependencies for activity: Maintain the CSMS

Table A.1 - Typical likelihood scale
Table A.2 - Typical consequence scale
Table A.3 - Typical risk level matrix
Table A.4 - Example countermeasures and practices based on IACS risk levels
Table A.5 - Example IACS asset table with assessment results
Table A.6 - Example IACS asset table with assessment results and risk levels
Table A.7 - Target security levels for an example IACS

Foreword

This standard is part of a multipart series that addresses the issue of security for industrial automation and control systems. It has been developed by Working Group 2 of the ISA99 committee.

This standard describes the elements contained in a cyber security management system for use in the industrial automation and control systems environment and provides guidance on how to meet the requirements described for each element.

This standard has been developed in large part from a previous Technical Report produced by the ISA99 committee, ANSI/ISA-TR99.00.02-2004, Integrating Electronic Security into the Manufacturing and Control Systems Environment. The majority of the contents of this Technical Report have been included in this standard and as such this standard supersedes the Technical Report.

The ISA99 Series [1] and the IEC

The ISA99 series addresses electronic security within the industrial automation and control systems environment. The series will serve as the foundation for the IEC 62443 series of the same titles, as being developed by IEC TC65 WG10, “Security for industrial process measurement and control - Network and system security.” For information, visit www.iec.ch, Technical Committee 65.

The ISA99 series includes the following:

ANSI/ISA-99.01.01-2007 - Terminology, concepts and models
ANSI/ISA-99.01.01 establishes the context for all of the remaining standards in the series by defining the terminology, concepts and models to understand electronic security for the industrial automation and control systems environment.

ANSI/ISA-TR99.01.02-2007 - Security Technologies for Industrial Automation and Control Systems
ANSI/ISA-TR99.01.02 describes various security technologies in terms of their applicability for use with industrial automation and control systems. This report will be updated periodically to reflect changes in technology.

ANSI/ISA-99.02.01-2009 - Establishing an industrial automation and control system security program
ANSI/ISA-99.02.01 describes the elements to establish a cyber security management system and provides guidance on how to meet the requirements for each element.

ISA-99.02.02 - Operating an industrial automation and control system security program (in development at the time of publication of this standard)
ISA-99.02.02 will address how to operate a security program after it is designed and implemented. This includes the definition and application of metrics to measure program effectiveness.

ISA-99.03.xx - Technical security requirements for industrial automation and control systems (in development at the time of publication of this standard)
The ISA-99.03.xx standards will define the characteristics of industrial automation and control systems that differentiate them from other information technology systems from a security point of view. Based on these characteristics, the standards wil

[1] For information about the status of the ISA99 series, visit http://www.isa.org/standards.
