Join us for a presentation and Q&A session about ISA/IEC 62443 - Automation & Control System Cybersecurity.
A founding principle of the ISA/IEC 62443 standards is the concept of shared responsibility as an essential building block of automation cybersecurity. Key stakeholder groups must align to ensure the safety, integrity, reliability, and security of control systems.
The standards define requirements for key stakeholder groups who are involved in control system cybersecurity. Stakeholder groups include asset owners (end users), automation product suppliers, integrators who build and maintain control system solutions and their components, and service suppliers who support the operation of control systems.
People, processes, and technology all play critical roles in securing automation and control systems. The ISA/IEC 62443 series addresses the security of industrial automation and control systems (IACS) throughout their lifecycle (which applies to all automation and control systems, not only industrial).
The ISA/IEC 62443 standards provide guidance that includes:
- Defining common terms, concepts, and models that can be used by all stakeholders responsible for control systems cybersecurity
- Helping asset owners determine the level of security required to meet their unique business and risk needs
- Establishing a common set of requirements and a cybersecurity lifecycle methodology for product developers, including a mechanism to certify products and vendor development processes
- Defining the risk assessment processes that are critical to protecting control systems
About the Presenter
Hal Thomas is the owner and primary consultant of HWT Consulting LLC. He was formerly an Engineering Associate - Process Safety at Air Products for over 36 years. He received a BSME from Bucknell University, is a registered professional engineer in the state of PA and is a certified functional safety expert, CFSE. Prior to becoming a process safety engineer and being involved in cybersecurity for control systems, he was a process control engineer. He has participated in several industry initiatives involving the Center for Chemical Process Safety (CCPS), ISA84 and ISA99. He currently participates in ISA84 technical report working groups and co-chairs WG9 responsible for TR84.00.09, Cyber Security Related to the Safety Lifecycle, as well as participating in a number of ISA99 working groups and co-chairing WG7 that is intended to address the intersection of security and safety. During his career, he has authored and co-authored a number of papers dealing with aspects of risk assessment, including cybersecurity.