Security for industrial automation and control systems - Part 4-1: Secure product development lifecycle requirements (IEC 62443-4-1:2018)

IEC 62443-4-1:2018(E) specifies the process requirements for the secure development of products used in industrial automation and control systems. It is part of a series of standards that addresses security for industrial automation and control systems (IACS). IEC 62443-4-1 defines secure development life-cycle (SDL) requirements related to cyber security for products intended for use in the IACS environment and provides guidance on how to meet the requirements described for each element. The life-cycle description includes security requirements definition, secure design, secure implementation (including coding guidelines), verification and validation, defect management, patch management and product end-of-life. These requirements can be applied to new or existing processes for developing, maintaining and retiring hardware, software or firmware.
Note that these requirements apply only to the developer and maintainer of the product, not to the integrator or the user of the product. A summary list of the requirements is provided in Annex B.

General Information

Status: Published
Publication Date: 10-May-2018
Current Stage: 6060 - National Implementation/Publication (Adopted Project)
Start Date: 29-Mar-2018
Due Date: 03-Jun-2018
Completion Date: 11-May-2018

Overview

EN IEC 62443-4-1:2018 is the CENELEC adoption, without modification, of IEC 62443-4-1:2018, which defines secure product development lifecycle (SDL) requirements for products used in industrial automation and control systems (IACS). It specifies process requirements and guidance for developers and maintainers of hardware, software and firmware, covering security requirements definition, secure design, secure implementation (including coding guidance), verification and validation, defect and security update management, security guidelines for the product's users, and product end-of-life. The requirements apply to the product developer and maintainer only, not to integrators or asset owners (end users). Annex B provides a summary table of all requirements.

Key Topics and Requirements

The standard is organized around eight practices that span the product lifecycle; each practice is broken into numbered requirements, each with a requirement statement followed by rationale and supplemental guidance. Key technical topics include:

  • Security management (SM-1 to SM-13): the development process itself, identification of responsibilities and applicability, security expertise, process scoping, file integrity, development environment security, controls for private keys, security requirements for externally provided and custom third-party components, assessing and addressing security-related issues, process verification and continuous improvement.
  • Specification of security requirements (SR-1 to SR-5): product security context, threat model, product security requirements and their content, and security requirements review.
  • Secure by design (SD-1 to SD-4): secure design principles, defense in depth design, security design review and secure design best practices.
  • Secure implementation (SI-1, SI-2): security implementation review and secure coding standards.
  • Security verification and validation testing (SVV-1 to SVV-5): security requirements testing, threat mitigation testing, vulnerability testing, penetration testing and the required independence of testers from developers (Table 3).
  • Management of security-related issues (DM-1 to DM-6): receiving notifications of, reviewing, assessing, addressing and disclosing security-related issues, and periodic review of the defect management practice.
  • Security update management (SUM-1 to SUM-5): security update qualification and documentation, documentation of dependent component and operating system updates, security update delivery and timely delivery of security patches.
  • Security guidelines (SG-1 to SG-7): product defense in depth, defense in depth measures expected in the environment, security hardening, secure disposal, secure operation, account management guidelines and documentation review.

Clause 4 adds a maturity model (Table 1) against which an organization's implementation of each practice can be assessed. Annex A lists possible metrics and Annex B tabulates all requirements, keyed by the identifiers above (SM-, SR-, SD-, SI-, SVV-, DM-, SUM-, SG-), which organizations typically use to structure and map their SDL program.
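One way to implement the file integrity and security update delivery themes named above (the SM-6, SM-8 and SUM-4 requirements), shown as an added example that is not from the standard or from any product on this page: a release host signs a canonical manifest of file digests with an Ed25519 private key, and the installer on the device verifies that manifest with a pinned public key before accepting the bundle, so a file that has been altered, added or removed in transit is rejected. The package contents, file names and key pair are constructed inline so the example runs offline; the standard itself does not prescribe this or any other mechanism.

```go
package main

// Added example, not text or code from IEC 62443-4-1. It illustrates one
// common way to meet the file integrity (SM-6), private key control (SM-8)
// and security update delivery (SUM-4) themes: sign a manifest of digests,
// verify it with a pinned public key. Package contents and keys are
// constructed here for the demonstration.

import (
	"crypto/ed25519"
	"crypto/rand"
	"crypto/sha256"
	"encoding/hex"
	"errors"
	"fmt"
	"sort"
	"strings"
)

// Package is an update bundle: file name -> file bytes.
type Package map[string][]byte

// Manifest lists every file with its SHA-256 digest in sorted name order,
// so the same bundle always yields the same bytes to sign (canonical form).
func Manifest(pkg Package) []byte {
	names := make([]string, 0, len(pkg))
	for n := range pkg {
		names = append(names, n)
	}
	sort.Strings(names)
	var b strings.Builder
	for _, n := range names {
		sum := sha256.Sum256(pkg[n])
		fmt.Fprintf(&b, "%s  %s\n", hex.EncodeToString(sum[:]), n)
	}
	return []byte(b.String())
}

// Sign runs on the release-signing host. Only the manifest is signed; the
// private key stays on that host and never ships with the product.
func Sign(priv ed25519.PrivateKey, pkg Package) []byte {
	return ed25519.Sign(priv, Manifest(pkg))
}

// Verify runs on the device or installer with a public key pinned in the
// product. It recomputes the manifest from the delivered files and checks
// the signature; any changed, injected or missing file alters the manifest
// and the signature no longer verifies.
func Verify(pub ed25519.PublicKey, pkg Package, sig []byte) error {
	if !ed25519.Verify(pub, Manifest(pkg), sig) {
		return errors.New("update rejected: manifest signature does not verify")
	}
	return nil
}

// DemoPackage returns a constructed sample bundle (fresh copies each call).
func DemoPackage() Package {
	return Package{
		"firmware.bin":  []byte("\x7fELF constructed firmware image v2.1"),
		"release-notes": []byte("constructed release notes for the example"),
	}
}

func main() {
	pub, priv, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		panic(err)
	}
	pkg := DemoPackage()
	sig := Sign(priv, pkg)
	fmt.Println("genuine package:", Verify(pub, pkg, sig))

	// One byte of the firmware image flipped in transit.
	tampered := DemoPackage()
	tampered["firmware.bin"][0] ^= 0x01
	fmt.Println("tampered package:", Verify(pub, tampered, sig))

	// A file injected into the bundle after signing.
	injected := DemoPackage()
	injected["extra.so"] = []byte("unexpected")
	fmt.Println("injected file:", Verify(pub, injected, sig))
}
```

The design point worth noting is that the signature covers the manifest rather than each file, so a single verification decision covers the whole bundle, and the canonical ordering is what makes the signed bytes reproducible on both sides.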

Applications and Who Uses It

EN IEC 62443-4-1 is relevant to organizations that develop or maintain IACS products, including:

  • Industrial product manufacturers (PLCs, RTUs, HMIs, industrial gateways)
  • Firmware and embedded software developers
  • Security architects and engineers implementing SDL controls
  • Quality assurance and testing teams conducting vulnerability, threat mitigation and penetration tests
  • Procurement and compliance officers assessing supplier security practices
  • Third‑party component suppliers providing modules or libraries used in IACS devices

Typical applications: building compliant secure products, formalizing secure development processes, preparing for certification, supplier security assessments, and establishing patch/defect management workflows.

Related standards

  • IEC 62443-2-4:2015 + A1:2017 (certification of IACS supplier security policies and practices; the only normative reference, see Annex ZA)
  • IEC 62443-4-2 (technical security requirements for IACS components) and IEC 62443-3-3 (system security requirements and security levels), the parts the product and Automation Solution are measured against
  • The wider IEC 62443 series (general, policies and procedures, and system-level parts, see Figure 1)
  • ISO/IEC 27001, ISO/IEC 27002 (information security management)
  • ISO 9001, the IEC 61508 series and IEC 62740 (quality and functional safety references listed in the bibliography)

Keywords: EN IEC 62443-4-1:2018, IEC 62443-4-1, secure product development lifecycle, SDL, IACS cybersecurity, industrial automation security.

Standard

SIST EN 62443-4-1:2018 (colour on PDF pages 15, 16 and 24), English, 57 pages

Standard

SIST EN IEC 62443-4-1:2018 (colour), English, 57 pages

Frequently Asked Questions

SIST EN IEC 62443-4-1:2018 is the Slovenian adoption of EN IEC 62443-4-1:2018, published by the Slovenian Institute for Standardization (SIST). Its full title is "Security for industrial automation and control systems - Part 4-1: Secure product development lifecycle requirements (IEC 62443-4-1:2018)". Its scope is the one given in the abstract at the top of this page: process requirements for the secure development, maintenance and retirement of hardware, software and firmware used in IACS, applicable to the product developer and maintainer only.

SIST EN IEC 62443-4-1:2018 is classified under the following ICS (International Classification for Standards) categories: 13.020.60 - Product life-cycles; 25.040.01 - Industrial automation systems in general; 35.030 - IT Security. The ICS classification helps identify the subject area and facilitates finding related standards.


Standards Content (Sample)


SLOVENIAN STANDARD
SIST EN 62443-4-1:2018
1 June 2018
Security for industrial automation and control systems - Part 4-1: Secure product development lifecycle requirements (IEC 62443-4-1:2018)
This Slovenian standard is identical to: EN IEC 62443-4-1:2018
ICS:
13.020.60 Product life-cycles
25.040.01 Industrial automation systems in general
SIST EN 62443-4-1:2018 en,fr,de
2003-01. Slovenian Institute for Standardization. Reproduction of the whole or parts of this standard is not permitted.

EUROPEAN STANDARD EN IEC 62443-4-1
March 2018
ICS 25.040.40; 35.030
English Version
Security for industrial automation and control systems - Part 4-1: Secure product development lifecycle requirements (IEC 62443-4-1:2018)
French version: to be completed. German version: IT security for industrial automation systems - Part 4-1: Requirements for a secure product development lifecycle (IEC 62443-4-1:2018)
This European Standard was approved by CENELEC on 2018-02-19. CENELEC members are bound to comply with the CEN/CENELEC
Internal Regulations which stipulate the conditions for giving this European Standard the status of a national standard without any alteration.
Up-to-date lists and bibliographical references concerning such national standards may be obtained on application to the CEN-CENELEC
Management Centre or to any CENELEC member.
This European Standard exists in three official versions (English, French, German). A version in any other language made by translation
under the responsibility of a CENELEC member into its own language and notified to the CEN-CENELEC Management Centre has the
same status as the official versions.
CENELEC members are the national electrotechnical committees of Austria, Belgium, Bulgaria, Croatia, Cyprus, the Czech Republic,
Denmark, Estonia, Finland, Former Yugoslav Republic of Macedonia, France, Germany, Greece, Hungary, Iceland, Ireland, Italy, Latvia,
Lithuania, Luxembourg, Malta, the Netherlands, Norway, Poland, Portugal, Romania, Serbia, Slovakia, Slovenia, Spain, Sweden,
Switzerland, Turkey and the United Kingdom.

European Committee for Electrotechnical Standardization
Comité Européen de Normalisation Electrotechnique
Europäisches Komitee für Elektrotechnische Normung
CEN-CENELEC Management Centre: Rue de la Science 23, B-1040 Brussels
© 2018 CENELEC All rights of exploitation in any form and by any means reserved worldwide for CENELEC Members.
Ref. No. EN IEC 62443-4-1:2018 E

European foreword
The text of document 65/685/FDIS, future edition 1 of IEC 62443-4-1, prepared by IEC/TC 65
"Industrial-process measurement, control and automation" was submitted to the IEC-CENELEC
parallel vote and approved by CENELEC as EN IEC 62443-4-1:2018.

The following dates are fixed:
• latest date by which the document has to be implemented at national level by publication of an identical national standard or by endorsement (dop): 2018-11-19
• latest date by which the national standards conflicting with the document have to be withdrawn (dow): 2021-02-19
Attention is drawn to the possibility that some of the elements of this document may be the subject of
patent rights. CENELEC shall not be held responsible for identifying any or all such patent rights.

Endorsement notice
The text of the International Standard IEC 62443-4-1:2018 was approved by CENELEC as a
European Standard without any modification.
In the official version, for Bibliography, the following notes have to be added for the standards
indicated:
IEC 62740 NOTE Harmonized as EN 62470.
IEC 61508 (series) NOTE Harmonized as EN 61508 (series).
ISO/IEC 27001 NOTE Harmonized as EN ISO/IEC 27001.
ISO/IEC 27002 NOTE Harmonized as EN ISO/IEC 27002.
ISO 9001 NOTE Harmonized as EN ISO 9001.

Annex ZA
(normative)
Normative references to international publications
with their corresponding European publications

The following documents are referred to in the text in such a way that some or all of their content
constitutes requirements of this document. For dated references, only the edition cited applies. For
undated references, the latest edition of the referenced document (including any amendments)
applies.
NOTE 1  Where an International Publication has been modified by common modifications, indicated by (mod), the relevant
EN/HD applies.
NOTE 2  Up-to-date information on the latest versions of the European Standards listed in this annex is available here:
www.cenelec.eu.
Publication       Year   Title                                                                    EN/HD   Year
IEC 62443-2-4     2015   Security for industrial process measurement and control - Network        -       -
                         and system security - Part 2-4: Certification of IACS supplier
                         security policies and practices
+ A1              2017                                                                            -       -
IEC 62443-4-1
Edition 1.0 2018-01
INTERNATIONAL STANDARD (colour inside)
Security for industrial automation and control systems – Part 4-1: Secure product development lifecycle requirements
INTERNATIONAL ELECTROTECHNICAL COMMISSION
ISBN 978-2-8322-5239-0
ICS 25.040.40; 35.030
– 2 – IEC 62443-4-1:2018 © IEC 2018
CONTENTS
FOREWORD . 6
INTRODUCTION . 8
1 Scope . 11
2 Normative references . 11
3 Terms, definitions, abbreviated terms, acronyms and conventions . 11
3.1 Terms and definitions . 11
3.2 Abbreviated terms and acronyms . 16
3.3 Conventions . 17
4 General principles . 17
4.1 Concepts . 17
4.2 Maturity model . 19
5 Practice 1 – Security management . 20
5.1 Purpose . 20
5.2 SM-1: Development process . 21
5.2.1 Requirement . 21
5.3 Rationale and supplemental guidance . 21
5.4 SM-2: Identification of responsibilities . 21
5.4.1 Requirement . 21
5.4.2 Rationale and supplemental guidance. 21
5.5 SM-3: Identification of applicability . 21
5.5.1 Requirement . 21
5.5.2 Rationale and supplemental guidance. 22
5.6 SM-4: Security expertise . 22
5.6.1 Requirement . 22
5.6.2 Rationale and supplemental guidance. 22
5.7 SM-5: Process scoping . 22
5.7.1 Requirement . 22
5.7.2 Rationale and supplemental guidance. 23
5.8 SM-6: File integrity . 23
5.8.1 Requirement . 23
5.8.2 Rationale and supplemental guidance. 23
5.9 SM-7: Development environment security . 23
5.9.1 Requirement . 23
5.9.2 Rationale and supplemental guidance. 23
5.10 SM-8: Controls for private keys . 23
5.10.1 Requirement . 23
5.10.2 Rationale and supplemental guidance. 24
5.11 SM-9: Security requirements for externally provided components . 24
5.11.1 Requirement . 24
5.11.2 Rationale and supplemental guidance. 24
5.12 SM-10: Custom developed components from third-party suppliers . 24
5.12.1 Requirement . 24
5.12.2 Rationale and supplemental guidance. 25
5.13 SM-11: Assessing and addressing security-related issues . 25
5.13.1 Requirement . 25
5.13.2 Rationale and supplemental guidance. 25

5.14 SM-12: Process verification . 25
5.14.1 Requirement . 25
5.14.2 Rationale and supplemental guidance. 25
5.15 SM-13: Continuous improvement . 25
5.15.1 Requirement . 25
5.15.2 Rationale and supplemental guidance. 26
6 Practice 2 – Specification of security requirements . 26
6.1 Purpose . 26
6.2 SR-1: Product security context . 27
6.2.1 Requirement . 27
6.2.2 Rationale and supplemental guidance. 27
6.3 SR-2: Threat model . 27
6.3.1 Requirement . 27
6.3.2 Rationale and supplemental guidance. 28
6.4 SR-3: Product security requirements . 28
6.4.1 Requirement . 28
6.4.2 Rationale and supplemental guidance. 28
6.5 SR-4: Product security requirements content . 29
6.5.1 Requirement . 29
6.5.2 Rationale and supplemental guidance. 29
6.6 SR-5: Security requirements review . 29
6.6.1 Requirement . 29
6.6.2 Rationale and supplemental guidance. 29
7 Practice 3 – Secure by design . 30
7.1 Purpose . 30
7.2 SD-1: Secure design principles . 30
7.2.1 Requirement . 30
7.2.2 Rationale and supplemental guidance. 30
7.3 SD-2: Defense in depth design. 31
7.3.1 Requirement . 31
7.3.2 Rationale and supplemental guidance. 32
7.4 SD-3: Security design review . 32
7.4.1 Requirement . 32
7.4.2 Rationale and supplemental guidance. 32
7.5 SD-4: Secure design best practices . 32
7.5.1 Requirement . 32
7.5.2 Rationale and supplemental guidance. 33
8 Practice 4 – Secure implementation . 33
8.1 Purpose . 33
8.2 Applicability . 33
8.3 SI-1: Security implementation review . 33
8.3.1 Requirement . 33
8.3.2 Rationale and supplemental guidance. 34
8.4 SI-2: Secure coding standards . 34
8.4.1 Requirement . 34
8.4.2 Rationale and supplemental guidance. 34
9 Practice 5 – Security verification and validation testing . 34
9.1 Purpose . 34

9.2 SVV-1: Security requirements testing . 35
9.2.1 Requirement . 35
9.2.2 Rationale and supplemental guidance. 35
9.3 SVV-2: Threat mitigation testing . 35
9.3.1 Requirement . 35
9.3.2 Rationale and supplemental guidance. 35
9.4 SVV-3: Vulnerability testing . 36
9.4.1 Requirement . 36
9.4.2 Rationale and supplemental guidance. 36
9.5 SVV-4: Penetration testing . 36
9.5.1 Requirement . 36
9.5.2 Rationale and supplemental guidance. 36
9.6 SVV-5: Independence of testers . 37
9.6.1 Requirement . 37
9.6.2 Rationale and supplemental guidance. 37
10 Practice 6 – Management of security-related issues . 38
10.1 Purpose . 38
10.2 DM-1: Receiving notifications of security-related issues . 38
10.2.1 Requirement . 38
10.2.2 Rationale and supplemental guidance. 38
10.3 DM-2: Reviewing security-related issues . 38
10.3.1 Requirement . 38
10.3.2 Rationale and supplemental guidance. 39
10.4 DM-3: Assessing security-related issues . 39
10.4.1 Requirement . 39
10.4.2 Rationale and supplemental guidance. 39
10.5 DM-4: Addressing security-related issues . 40
10.5.1 Requirement . 40
10.5.2 Rationale and supplemental guidance. 40
10.6 DM-5: Disclosing security-related issues . 41
10.6.1 Requirement . 41
10.6.2 Rationale and supplemental guidance. 41
10.7 DM-6: Periodic review of security defect management practice . 42
10.7.1 Requirement . 42
10.7.2 Rationale and supplemental guidance. 42
11 Practice 7 – Security update management . 42
11.1 Purpose . 42
11.2 SUM-1: Security update qualification . 42
11.2.1 Requirement . 42
11.2.2 Rationale and supplemental guidance. 42
11.3 SUM-2: Security update documentation . 42
11.3.1 Requirement . 42
11.3.2 Rationale and supplemental guidance. 43
11.4 SUM-3: Dependent component or operating system security update documentation . 43
11.4.1 Requirement . 43
11.4.2 Rationale and supplemental guidance. 43
11.5 SUM-4: Security update delivery . 43
11.5.1 Requirement . 43

11.5.2 Rationale and supplemental guidance. 43
11.6 SUM-5: Timely delivery of security patches . 44
11.6.1 Requirement . 44
11.6.2 Rationale and supplemental guidance. 44
12 Practice 8 – Security guidelines . 44
12.1 Purpose . 44
12.2 SG-1: Product defense in depth . 44
12.2.1 Requirement . 44
12.2.2 Rationale and supplemental guidance. 45
12.3 SG-2: Defense in depth measures expected in the environment . 45
12.3.1 Requirement . 45
12.3.2 Rationale and supplemental guidance. 45
12.4 SG-3: Security hardening guidelines . 45
12.4.1 Requirement . 45
12.4.2 Rationale and supplemental guidance. 46
12.5 SG-4: Secure disposal guidelines . 46
12.5.1 Requirement . 46
12.5.2 Rationale and supplemental guidance. 46
12.6 SG-5: Secure operation guidelines . 46
12.6.1 Requirement . 46
12.6.2 Rationale and supplemental guidance. 47
12.7 SG-6: Account management guidelines . 47
12.7.1 Requirement . 47
12.7.2 Rationale and supplemental guidance. 47
12.8 SG-7: Documentation review . 47
12.8.1 Requirement . 47
12.8.2 Rationale and supplemental guidance. 47
Annex A (informative) Possible metrics . 48
Annex B (informative) Table of requirements . 50
Bibliography . 52

Figure 1 – Parts of the IEC 62443 series. 9
Figure 2 – Example scope of product life-cycle . 10
Figure 3 – Defence in depth strategy is a key philosophy of the secure product life-cycle . 18

Table 1 – Maturity levels . 20
Table 2 – Example SDL continuous improvement activities . 26
Table 3 – Required level of independence of testers from developers . 37
Table B.1 – Summary of all requirements . 50

INTERNATIONAL ELECTROTECHNICAL COMMISSION
____________
SECURITY FOR INDUSTRIAL AUTOMATION
AND CONTROL SYSTEMS –
Part 4-1: Secure product development lifecycle requirements

FOREWORD
1) The International Electrotechnical Commission (IEC) is a worldwide organization for standardization comprising
all national electrotechnical committees (IEC National Committees). The object of IEC is to promote
international co-operation on all questions concerning standardization in the electrical and electronic fields. To
this end and in addition to other activities, IEC publishes International Standards, Technical Specifications,
Technical Reports, Publicly Available Specifications (PAS) and Guides (hereafter referred to as “IEC
Publication(s)”). Their preparation is entrusted to technical committees; any IEC National Committee interested
in the subject dealt with may participate in this preparatory work. International, governmental and non-
governmental organizations liaising with the IEC also participate in this preparation. IEC collaborates closely
with the International Organization for Standardization (ISO) in accordance with conditions determined by
agreement between the two organizations.
2) The formal decisions or agreements of IEC on technical matters express, as nearly as possible, an international
consensus of opinion on the relevant subjects since each technical committee has representation from all
interested IEC National Committees.
3) IEC Publications have the form of recommendations for international use and are accepted by IEC National
Committees in that sense. While all reasonable efforts are made to ensure that the technical content of IEC
Publications is accurate, IEC cannot be held responsible for the way in which they are used or for any
misinterpretation by any end user.
4) In order to promote international uniformity, IEC National Committees undertake to apply IEC Publications
transparently to the maximum extent possible in their national and regional publications. Any divergence
between any IEC Publication and the corresponding national or regional publication shall be clearly indicated in
the latter.
5) IEC itself does not provide any attestation of conformity. Independent certification bodies provide conformity
assessment services and, in some areas, access to IEC marks of conformity. IEC is not responsible for any
services carried out by independent certification bodies.
6) All users should ensure that they have the latest edition of this publication.
7) No liability shall attach to IEC or its directors, employees, servants or agents including individual experts and
members of its technical committees and IEC National Committees for any personal injury, property damage or
other damage of any nature whatsoever, whether direct or indirect, or for costs (including legal fees) and
expenses arising out of the publication, use of, or reliance upon, this IEC Publication or any other IEC
Publications.
8) Attention is drawn to the Normative references cited in this publication. Use of the referenced publications is
indispensable for the correct application of this publication.
9) Attention is drawn to the possibility that some of the elements of this IEC Publication may be the subject of
patent rights. IEC shall not be held responsible for identifying any or all such patent rights.
International Standard IEC 62443-4-1 has been prepared by IEC technical committee 65:
Industrial-process measurement, control and automation.
The text of this International Standard is based on the following documents:
FDIS: 65/685/FDIS
Report on voting: 65/688/RVD
Full information on the voting for the approval of this International Standard can be found in
the report on voting indicated in the above table.
This document has been drafted in accordance with the ISO/IEC Directives, Part 2.

A list of all parts in the IEC 62443 series, published under the general title Security for
industrial automation and control systems, can be found on the IEC website.
Future standards in this series will carry the new general title as cited above. Titles of existing
standards in this series will be updated at the time of the next edition.
The committee has decided that the contents of this document will remain unchanged until the
stability date indicated on the IEC website under "http://webstore.iec.ch" in the data related to
the specific document. At this date, the document will be
• reconfirmed,
• withdrawn,
• replaced by a revised edition, or
• amended.
A bilingual version of this publication may be issued at a later date.

IMPORTANT – The 'colour inside' logo on the cover page of this publication indicates
that it contains colours which are considered to be useful for the correct
understanding of its contents. Users should therefore print this document using a
colour printer.
INTRODUCTION
This document is part of a series of standards that addresses the issue of security for
industrial automation and control systems (IACS). This document describes product
development life-cycle requirements related to cyber security for products intended for use in
the industrial automation and control systems environment and provides guidance on how to
meet the requirements described for each element.
This document has been developed in large part from the Secure Development Life-cycle
Assessment (SDLA) Certification Requirements [26] from the ISA Security Compliance
Institute (ISCI). Note that the SDLA procedure was based on the following sources:
– ISO/IEC 15408-3 (Common Criteria) [18];
– Open Web Application Security Project (OWASP) Comprehensive, Lightweight Application
Security Process (CLASP) [36];
– The Security Development Life-cycle by Michael Howard and Steve Lipner [43];
– IEC 61508 Functional safety of electrical/electronic/ programmable electronic
safety-related systems [24], and
– RCTA DO-178B Software Considerations in Airborne Systems and Equipment Certification
[28].
Therefore, all these sources can be considered contributing sources to this document.
This document is the part of the IEC 62443 series that contains security requirements for
developers of any automation and control products where security is a concern.
Figure 1 illustrates the relationship of the different parts of IEC 62443 that were in existence
or planned as of the date of circulation of this document. Those that are normatively
referenced are included in the list of normative references in Clause 2, and those that are
referenced for informational purposes or that are in development are listed in the Bibliography.
___________
Figures in square brackets refer to the bibliography.

Figure 1 – Parts of the IEC 62443 series (figure reproduced as a list; the figure's status key marks each part as Published, Published (under review), In development, Out for comment/vote, Development planned or Adoption planned)

General:
  • IEC TS 62443-1-1 Terminology, concepts and models
  • IEC TR 62443-1-2 Master glossary of terms and abbreviations
  • IEC TS 62443-1-3 System security compliance metrics
  • IEC TR 62443-1-4 IACS security life-cycle and use-cases
Policies and procedures:
  • IEC 62443-2-1 Establishing an industrial automation and control system security program
  • IEC TR 62443-2-2 Implementation guidance for an IACS security management system
  • IEC TR 62443-2-3 Patch management in the IACS environment
  • IEC 62443-2-4 Security program requirements for IACS service providers
System:
  • IEC TR 62443-3-1 Security technologies for industrial automation and control systems
  • IEC 62443-3-2 Security risk assessment and system design
  • IEC 62443-3-3 System security requirements and security levels
Component:
  • IEC 62443-4-1 Product development requirements
  • IEC 62443-4-2 Technical security requirements for IACS components
Figure 2 illustrates how the developed product relates to maintenance and integration
capabilities defined in IEC 62443-2-4 and to its operation by the asset owner. The product
supplier develops products using a process compliant with this document. Those products
may be a single component, such as an embedded controller, or a group of components
working together as a system or subsystem. The products are then integrated together,
usually by a system integrator, into an Automation Solution using a process compliant with
IEC 62443-2-4. The Automation Solution is then installed at a particular site and becomes
part of the industrial automation and control system (IACS). Some of these capabilities
reference security measures defined in IEC 62443-3-3 [10] that the service provider ensures
are supported in the Automation Solution (either as product features or compensating
mechanisms). This document only addresses the process used for the development of the
product; it does not address design, installation or operation of the Automation Solution or
IACS.
In Figure 2, the Automation Solution is illustrated to contain one or more subsystems and
optional supporting components such as advanced control. The dashed boxes indicate that
these components are “optional”.
NOTE 1 Automation Solutions typically have a single product, but they are not restricted to do so. In some
industries, there may be a hierarchical product structure. In general, the Automation Solution is the set of hardware
and software, independent of product packaging, that is used to control a physical process (for example,
continuous or manufacturing) as defined by the asset owner.
NOTE 2 If a service provider provides products used in the Automation Solution, then the service provider is
fulfilling the role of product supplier in this diagram.

[Figure 2 is a layered block diagram; its text is recovered here, layout not reproduced]
Asset Owner: operates (IEC 62443-2-1, IEC 62443-2-4) the industrial automation and control system (IACS), shown as the operational and maintenance capabilities (policies and procedures) plus the Automation Solution (IEC 62443-3-3).
System Integrator: integrates (IEC 62443-2-4, IEC 62443-3-2) the Automation Solution, shown as Subsystem 1, Subsystem 2 and complementary hardware and software components; the Automation Solution is configured for the intended environment and includes a configured instance of the Product.
Product Supplier: develops (IEC 62443-4-1) the Product (IEC 62443-4-2), a system, subsystem or component such as applications, embedded devices, network components or host devices; the Product is independent of the intended environment.
Figure 2 – Example scope of product life-cycle

SECURITY FOR INDUSTRIAL AUTOMATION
AND CONTROL SYSTEMS –
Part 4-1: Secure product development lifecycle requirements

1 Scope
This part of IEC 62443 specifies process requirements for the secure development of
products used in industrial automation and control systems. It defines a secure development
life-cycle (SDL) for the purpose of developing and maintaining secure products. This life-cycle
includes security requirements definition, secure design, secure implementation (including
coding guidelines), verification and validation, defect management, patch management and
product end-of-life. These requirements can be applied to new or existing processes for
developing, maintaining and retiring hardware, software or firmware for new or existing
products. These requirements apply to the developer and maintainer of the product, but not to
the integrator or user of the product. A summary list of the requirements in this document can
be found in Annex B.
2 Normative references
The following documents are referred to in the text in such a way that some or all of their
content constitutes requirements of this document. For dated references, only the edition
cited applies. For undated references, the latest edition of the referenced document (including
any amendments) applies.
IEC 62443-2-4:2015, Security for industrial automation and control systems – Part 2-4:
Security program requirements for IACS service providers
IEC 62443-2-4:2015/AMD1:2017
3 Terms, definitions, abbreviated terms, acronyms and conventions
3.1 Terms and definitions
For the purposes of this document, the terms and definitions given in IEC TR 62443-1-2 and
the following apply.
ISO and IEC maintain terminological databases for use in standardization at the following
addresses:
• IEC Electropedia: available at http://www.electropedia.org/
• ISO Online browsing platform: available at http://www.iso.org/obp
3.1.1
abuse case
test case used to perform negative operations of a use case
Note 1 to entry: Abuse case tests are simulated attacks often based on the threat model. An abuse case is a type
of complete interaction between a system and one or more actors where the results of the interaction are
intentionally intended to be harmful to the system, one of the actors or one of the stakeholders in the system.
3.1.2
access control
protection of system resources against unauthorized access
3.1.3
access control
process by which use of system resources is regulated according to a security policy and is
permitted by only authorized users according to that policy
Note 1 to entry: Access control includes identification and authentication requirements specified in other parts of
the IEC 62443 series.
3.1.4
administrator
user who has been authorized to manage security policies/capabilities for a product or system
3.1.5
asset
physical or logical object owned by or under the custodial duties of an organization, having
either a perceived or actual value to the organization
Note 1 to entry: In this specific case, an asset is an object that is part of an IACS.
3.1.6
asset owner
individual or organization responsible for one or more IACSs
3.1.7
attack surface
physical and functional interfaces of a system that can be accessed and, therefore, potentially
exploited by an attacker
3.1.8
audit log
event log that requires a higher level of integrity protection than provided by typical event logs
Note 1 to entry: Audit logs are used to protect against claims that repudiate responsibility for an action.
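The "higher level of integrity protection" in 3.1.8 is usually obtained by chaining entries under a key the writing component does not hold, so that later edits, deletions or reordering are detectable. The following is an added example, not text or code from the standard or from any product it covers: a keyed hash chain in Python using only the standard library. The key AUDIT_KEY, the entry fields (seq, ts, actor, action, prev, mac) and the sample entries are all constructed for the example.

```python
import hashlib
import hmac
import json
from typing import Dict, List, Optional, Tuple

# Hypothetical verification key for the example. In a product this key would be held
# by the log collector or an HSM, not by the component whose actions it records.
AUDIT_KEY = b"example-audit-key-not-for-production"

GENESIS = "0" * 64  # predecessor MAC of the first entry


def _canonical(body: Dict) -> bytes:
    # Deterministic encoding so writer and verifier MAC exactly the same bytes.
    return json.dumps(body, sort_keys=True, separators=(",", ":")).encode()


def _mac(key: bytes, data: bytes) -> str:
    return hmac.new(key, data, hashlib.sha256).hexdigest()


def append_entry(log: List[Dict], actor: str, action: str, ts: float,
                 key: bytes = AUDIT_KEY) -> Dict:
    """Append a tamper-evident entry. Each entry carries the MAC of its predecessor,
    so editing, deleting or reordering any earlier entry invalidates every later one."""
    body = {
        "seq": len(log),
        "ts": ts,
        "actor": actor,
        "action": action,
        "prev": log[-1]["mac"] if log else GENESIS,
    }
    entry = dict(body, mac=_mac(key, _canonical(body)))
    log.append(entry)
    return entry


def verify_log(log: List[Dict], key: bytes = AUDIT_KEY,
               expected_head: Optional[str] = None) -> Tuple[bool, int]:
    """Return (ok, index of the first bad entry, or -1 when the chain is intact).
    expected_head is the latest MAC as recorded out of band; without it, silently
    dropping entries from the end of the log cannot be detected."""
    prev = GENESIS
    for i, entry in enumerate(log):
        body = {k: v for k, v in entry.items() if k != "mac"}
        if body.get("seq") != i or body.get("prev") != prev:
            return False, i
        if not hmac.compare_digest(_mac(key, _canonical(body)), entry.get("mac", "")):
            return False, i
        prev = entry["mac"]
    if expected_head is not None and prev != expected_head:
        return False, len(log)
    return True, -1


def demo() -> Dict[str, Tuple[bool, int]]:
    """Constructed sample log, then the manipulations an audit log must expose."""
    log: List[Dict] = []
    append_entry(log, "operator1", "login", ts=1.0)
    append_entry(log, "operator1", "setpoint PT-101 -> 42.0", ts=2.0)
    append_entry(log, "operator1", "logout", ts=3.0)
    head = log[-1]["mac"]  # would be sent to the collector after each write

    edited = [dict(e) for e in log]
    edited[1]["actor"] = "operator2"  # repudiation: blame the setpoint change on someone else

    return {
        "intact": verify_log(log),
        "edited": verify_log(edited),
        "deleted": verify_log([log[0], log[2]]),            # middle entry removed
        "truncated": verify_log(log[:2]),                   # tail removed, head not anchored
        "truncated_anchored": verify_log(log[:2], expected_head=head),
    }


if __name__ == "__main__":
    for name, (ok, bad) in demo().items():
        print(f"{name:19s} ok={ok} first_bad_index={bad}")
```

The chain makes edits, deletions and reordering detectable by anyone holding the key, and the out-of-band head makes truncation detectable too. Note the limit that matters for the Note 1 to entry above: an HMAC proves only that the key holder did not tamper. Where the log has to stand against repudiation by the writer itself, the entries need a per-writer digital signature or a write-once store at a separate party in addition to the chain.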
3.1.9
authentication
provision of assurance that a claimed characteristic of an identity is correct
Note 1 to entry: Not all credentials used to authenticate an identity are created equally. The trustworthiness of the
credential is determined by the configured authentication mechanism. Hardware or software-based mechanisms
can force users to prove their identity before accessing data on a device. A typical example is proving the identity
of a user usually through an identity provider.
Note 2 to entry: Authentication includes verifying human users as well as non-human users such as devices or
processes.
3.1.10
automation solution
control system and any complementary hardware and software components that have been
installed and configured to operate in an IACS
Note 1 to entry: Automation Solution is used as a proper noun in this part of the IEC 62443 series.
Note 2 to entry: The difference between the control system and the Automation Solution is that the control system
is incorporated into the Automation Solution design (for example, a specific number of workstations, controllers and
devices in a specific configuration), which is then implemented. The resulting configuration is referred to as the
Automation Solution.
Note 3 to entry: The Automation Solution can be comprised of components from multiple suppliers including the
product supplier of the control system.
3.1.11
banned function
software method that is no longer recommended to be used in software because more secure
versions exist with less propensity for misuse
Note 1 to entry: Banned functions are sometimes called banned methods or banned Application Programming
Interfaces (APIs).
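A coding standard under this document typically lists its banned functions with the bounded replacement to use instead, and the build enforces the list. The following is an added example, not from the standard or from any supplier's process: a textual checker that reports banned C calls in source, with a constructed C fragment as input. The banned list BANNED and its replacement text are assumptions for the example; a real standard fixes its own.

```python
import re
from typing import Dict, List, Tuple

# Hypothetical banned list for the example, with the bounded alternatives a coding
# standard would name. A real standard fixes its own list and replacements.
BANNED: Dict[str, str] = {
    "strcpy": "strlcpy or strncpy_s with an explicit destination size",
    "strcat": "strlcat or strncat_s",
    "sprintf": "snprintf",
    "vsprintf": "vsnprintf",
    "gets": "fgets",
    "scanf": "scanf with field widths, or fgets followed by strtol",
}

# A call is the bare name followed by '(' and not preceded by an identifier
# character or '.', so strncpy, fgets, sscanf and strcpy_s are not reported.
_CALL = re.compile(r"(?<![\w.])(" + "|".join(map(re.escape, BANNED)) + r")\s*\(")


def _strip_comments(src: str) -> str:
    """Remove C comments while keeping line numbers stable (block comments are
    replaced by the newlines they contained)."""
    src = re.sub(r"/\*.*?\*/", lambda m: "\n" * m.group(0).count("\n"), src, flags=re.S)
    return re.sub(r"//[^\n]*", "", src)


def find_banned(source: str) -> List[Tuple[int, str, str]]:
    """Return (line, function, recommended replacement) for each banned call.
    Textual check only: it does not see through macros or string literals, so a
    product SDL would back it with a compiler-level deprecation or a static analyser."""
    hits: List[Tuple[int, str, str]] = []
    for lineno, line in enumerate(_strip_comments(source).splitlines(), start=1):
        for m in _CALL.finditer(line):
            name = m.group(1)
            hits.append((lineno, name, BANNED[name]))
    return hits


# Constructed sample: a C fragment with banned calls, safe look-alikes and comments.
SAMPLE_C = """\
#include <stdio.h>
#include <string.h>
/* copies a tag name; the strcpy() in this comment must not be reported */
void copy_tag(char *dst, const char *src, int n) {
    strcpy(dst, src);                 /* unbounded: banned */
    // strcat(dst, "-old");           commented out: not reported
    snprintf(dst, 32, "%s", src);     /* bounded: fine */
    strncpy_s(dst, 32, src, 31);
    sscanf(src, "%d", &n);            /* not on the list */
    gets(dst);                        /* banned */
    sprintf(dst, "%d", n);            /* banned */
}
"""


if __name__ == "__main__":
    for lineno, name, fix in find_banned(SAMPLE_C):
        print(f"line {lineno}: banned function {name}() -> use {fix}")
```

Run against SAMPLE_C this reports strcpy, gets and sprintf and stays quiet on snprintf, strncpy_s, sscanf and the commented-out strcat. A checker like this is a cheap pre-commit gate; the authoritative enforcement belongs in the toolchain, for instance by marking the banned names deprecated in a header included by every translation unit so that the compiler, not a regex, refuses them.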
3.1.12
best practices
guidelines for securely designing, developing, testing, maintaining or retiring products that the
supplier has determined are commonly recommended by both the security and industrial
automation com
...


SLOVENIAN STANDARD
1 June 2018
Security for industrial automation and control systems - Part 4-1: Secure product development lifecycle requirements (IEC 62443-4-1:2018)
(Slovenian title: Zaščita industrijske avtomatizacije in nadzornih sistemov - 4-1. del: Zahteve za varnost izdelka v obdobju razvoja izdelka; German title: IT-Sicherheit für industrielle Automatisierungssysteme - Teil 4-1: Anforderungen an den Lebenszyklus für eine sichere Produktentwicklung)
This Slovenian standard is identical to: EN IEC 62443-4-1:2018
ICS:
13.020.60 Product life-cycles
25.040.01 Industrial automation systems in general
35.030 IT Security
2003-01. Slovenski inštitut za standardizacijo (Slovenian Institute for Standardization). Reproduction of this standard in whole or in part is not permitted.

EUROPEAN STANDARD EN IEC 62443-4-1

NORME EUROPÉENNE
EUROPÄISCHE NORM
March 2018
ICS 25.040.40; 35.030
English Version
Security for industrial automation and control systems - Part 4-1:
Secure product development lifecycle requirements
(IEC 62443-4-1:2018)
French title: To be completed (IEC 62443-4-1:2018)
German title: IT-Sicherheit für industrielle Automatisierungssysteme - Teil 4-1: Anforderungen an den Lebenszyklus für eine sichere Produktentwicklung (IEC 62443-4-1:2018), i.e. Security for industrial automation systems - Part 4-1: Requirements for a secure product development life-cycle
This European Standard was approved by CENELEC on 2018-02-19. CENELEC members are bound to comply with the CEN/CENELEC
Internal Regulations which stipulate the conditions for giving this European Standard the status of a national standard without any alteration.
Up-to-date lists and bibliographical references concerning such national standards may be obtained on application to the CEN-CENELEC
Management Centre or to any CENELEC member.
This European Standard exists in three official versions (English, French, German). A version in any other language made by translation
under the responsibility of a CENELEC member into its own language and notified to the CEN-CENELEC Management Centre has the
same status as the official versions.
CENELEC members are the national electrotechnical committees of Austria, Belgium, Bulgaria, Croatia, Cyprus, the Czech Republic,
Denmark, Estonia, Finland, Former Yugoslav Republic of Macedonia, France, Germany, Greece, Hungary, Iceland, Ireland, Italy, Latvia,
Lithuania, Luxembourg, Malta, the Netherlands, Norway, Poland, Portugal, Romania, Serbia, Slovakia, Slovenia, Spain, Sweden,
Switzerland, Turkey and the United Kingdom.

European Committee for Electrotechnical Standardization
Comité Européen de Normalisation Electrotechnique
Europäisches Komitee für Elektrotechnische Normung
CEN-CENELEC Management Centre: Rue de la Science 23, B-1040 Brussels
© 2018 CENELEC All rights of exploitation in any form and by any means reserved worldwide for CENELEC Members.
Ref. No. EN IEC 62443-4-1:2018 E

European foreword
The text of document 65/685/FDIS, future edition 1 of IEC 62443-4-1, prepared by IEC/TC 65
"Industrial-process measurement, control and automation" was submitted to the IEC-CENELEC
parallel vote and approved by CENELEC as EN IEC 62443-4-1:2018.

The following dates are fixed:
• latest date by which the document has to be implemented at national level by publication of an identical national standard or by endorsement (dop): 2018-11-19
• latest date by which the national standards conflicting with the document have to be withdrawn (dow): 2021-02-19
Attention is drawn to the possibility that some of the elements of this document may be the subject of
patent rights. CENELEC shall not be held responsible for identifying any or all such patent rights.

Endorsement notice
The text of the International Standard IEC 62443-4-1:2018 was approved by CENELEC as a
European Standard without any modification.
In the official version, for Bibliography, the following notes have to be added for the standards
indicated:
IEC 62740 NOTE Harmonized as EN 62740.
IEC 61508 (series) NOTE Harmonized as EN 61508 (series).
ISO/IEC 27001 NOTE Harmonized as EN ISO/IEC 27001.
ISO/IEC 27002 NOTE Harmonized as EN ISO/IEC 27002.
ISO 9001 NOTE Harmonized as EN ISO 9001.

Annex ZA
(normative)
Normative references to international publications
with their corresponding European publications

The following documents are referred to in the text in such a way that some or all of their content
constitutes requirements of this document. For dated references, only the edition cited applies. For
undated references, the latest edition of the referenced document (including any amendments)
applies.
NOTE 1  Where an International Publication has been modified by common modifications, indicated by (mod), the relevant
EN/HD applies.
NOTE 2  Up-to-date information on the latest versions of the European Standards listed in this annex is available here:
www.cenelec.eu.
Publication     Year  Title                                                                  EN/HD  Year
IEC 62443-2-4   2015  Security for industrial process measurement and control - Network      -      -
                      and system security - Part 2-4: Certification of IACS supplier
                      security policies and practices
+ A1            2017                                                                         -      -
IEC 62443-4-1 ®
Edition 1.0 2018-01
INTERNATIONAL
STANDARD
(colour inside)
Security for industrial automation and control systems –

Part 4-1: Secure product development lifecycle requirements

INTERNATIONAL
ELECTROTECHNICAL
COMMISSION
ISBN 978-2-8322-5239-0
ICS 25.040.40; 35.030
– 2 – IEC 62443-4-1:2018 © IEC 2018
CONTENTS
FOREWORD . 6
INTRODUCTION . 8
1 Scope . 11
2 Normative references . 11
3 Terms, definitions, abbreviated terms, acronyms and conventions . 11
3.1 Terms and definitions . 11
3.2 Abbreviated terms and acronyms . 16
3.3 Conventions . 17
4 General principles . 17
4.1 Concepts . 17
4.2 Maturity model . 19
5 Practice 1 – Security management . 20
5.1 Purpose . 20
5.2 SM-1: Development process . 21
5.2.1 Requirement . 21
5.3 Rationale and supplemental guidance . 21
5.4 SM-2: Identification of responsibilities . 21
5.4.1 Requirement . 21
5.4.2 Rationale and supplemental guidance. 21
5.5 SM-3: Identification of applicability . 21
5.5.1 Requirement . 21
5.5.2 Rationale and supplemental guidance. 22
5.6 SM-4: Security expertise . 22
5.6.1 Requirement . 22
5.6.2 Rationale and supplemental guidance. 22
5.7 SM-5: Process scoping . 22
5.7.1 Requirement . 22
5.7.2 Rationale and supplemental guidance. 23
5.8 SM-6: File integrity . 23
5.8.1 Requirement . 23
5.8.2 Rationale and supplemental guidance. 23
5.9 SM-7: Development environment security . 23
5.9.1 Requirement . 23
5.9.2 Rationale and supplemental guidance. 23
5.10 SM-8: Controls for private keys . 23
5.10.1 Requirement . 23
5.10.2 Rationale and supplemental guidance. 24
5.11 SM-9: Security requirements for externally provided components . 24
5.11.1 Requirement . 24
5.11.2 Rationale and supplemental guidance. 24
5.12 SM-10: Custom developed components from third-party suppliers . 24
5.12.1 Requirement . 24
5.12.2 Rationale and supplemental guidance. 25
5.13 SM-11: Assessing and addressing security-related issues . 25
5.13.1 Requirement . 25
5.13.2 Rationale and supplemental guidance. 25

5.14 SM-12: Process verification . 25
5.14.1 Requirement . 25
5.14.2 Rationale and supplemental guidance. 25
5.15 SM-13: Continuous improvement . 25
5.15.1 Requirement . 25
5.15.2 Rationale and supplemental guidance. 26
6 Practice 2 – Specification of security requirements . 26
6.1 Purpose . 26
6.2 SR-1: Product security context . 27
6.2.1 Requirement . 27
6.2.2 Rationale and supplemental guidance. 27
6.3 SR-2: Threat model . 27
6.3.1 Requirement . 27
6.3.2 Rationale and supplemental guidance. 28
6.4 SR-3: Product security requirements . 28
6.4.1 Requirement . 28
6.4.2 Rationale and supplemental guidance. 28
6.5 SR-4: Product security requirements content . 29
6.5.1 Requirement . 29
6.5.2 Rationale and supplemental guidance. 29
6.6 SR-5: Security requirements review . 29
6.6.1 Requirement . 29
6.6.2 Rationale and supplemental guidance. 29
7 Practice 3 – Secure by design . 30
7.1 Purpose . 30
7.2 SD-1: Secure design principles . 30
7.2.1 Requirement . 30
7.2.2 Rationale and supplemental guidance. 30
7.3 SD-2: Defense in depth design. 31
7.3.1 Requirement . 31
7.3.2 Rationale and supplemental guidance. 32
7.4 SD-3: Security design review . 32
7.4.1 Requirement . 32
7.4.2 Rationale and supplemental guidance. 32
7.5 SD-4: Secure design best practices . 32
7.5.1 Requirement . 32
7.5.2 Rationale and supplemental guidance. 33
8 Practice 4 – Secure implementation . 33
8.1 Purpose . 33
8.2 Applicability . 33
8.3 SI-1: Security implementation review . 33
8.3.1 Requirement . 33
8.3.2 Rationale and supplemental guidance. 34
8.4 SI-2: Secure coding standards . 34
8.4.1 Requirement . 34
8.4.2 Rationale and supplemental guidance. 34
9 Practice 5 – Security verification and validation testing . 34
9.1 Purpose . 34

9.2 SVV-1: Security requirements testing . 35
9.2.1 Requirement . 35
9.2.2 Rationale and supplemental guidance. 35
9.3 SVV-2: Threat mitigation testing . 35
9.3.1 Requirement . 35
9.3.2 Rationale and supplemental guidance. 35
9.4 SVV-3: Vulnerability testing . 36
9.4.1 Requirement . 36
9.4.2 Rationale and supplemental guidance. 36
9.5 SVV-4: Penetration testing . 36
9.5.1 Requirement . 36
9.5.2 Rationale and supplemental guidance. 36
9.6 SVV-5: Independence of testers . 37
9.6.1 Requirement . 37
9.6.2 Rationale and supplemental guidance. 37
10 Practice 6 – Management of security-related issues . 38
10.1 Purpose . 38
10.2 DM-1: Receiving notifications of security-related issues . 38
10.2.1 Requirement . 38
10.2.2 Rationale and supplemental guidance. 38
10.3 DM-2: Reviewing security-related issues . 38
10.3.1 Requirement . 38
10.3.2 Rationale and supplemental guidance. 39
10.4 DM-3: Assessing security-related issues . 39
10.4.1 Requirement . 39
10.4.2 Rationale and supplemental guidance. 39
10.5 DM-4: Addressing security-related issues . 40
10.5.1 Requirement . 40
10.5.2 Rationale and supplemental guidance. 40
10.6 DM-5: Disclosing security-related issues . 41
10.6.1 Requirement . 41
10.6.2 Rationale and supplemental guidance. 41
10.7 DM-6: Periodic review of security defect management practice . 42
10.7.1 Requirement . 42
10.7.2 Rationale and supplemental guidance. 42
11 Practice 7 – Security update management . 42
11.1 Purpose . 42
11.2 SUM-1: Security update qualification . 42
11.2.1 Requirement . 42
11.2.2 Rationale and supplemental guidance. 42
11.3 SUM-2: Security update documentation . 42
11.3.1 Requirement . 42
11.3.2 Rationale and supplemental guidance. 43
11.4 SUM-3: Dependent component or operating system security update
documentation . 43
11.4.1 Requirement . 43
11.4.2 Rationale and supplemental guidance. 43
11.5 SUM-4: Security update delivery . 43
11.5.1 Requirement . 43

11.5.2 Rationale and supplemental guidance. 43
11.6 SUM-5: Timely delivery of security patches . 44
11.6.1 Requirement . 44
11.6.2 Rationale and supplemental guidance. 44
12 Practice 8 – Security guidelines . 44
12.1 Purpose . 44
12.2 SG-1: Product defense in depth . 44
12.2.1 Requirement . 44
12.2.2 Rationale and supplemental guidance. 45
12.3 SG-2: Defense in depth measures expected in the environment . 45
12.3.1 Requirement . 45
12.3.2 Rationale and supplemental guidance. 45
12.4 SG-3: Security hardening guidelines . 45
12.4.1 Requirement . 45
12.4.2 Rationale and supplemental guidance. 46
12.5 SG-4: Secure disposal guidelines . 46
12.5.1 Requirement . 46
12.5.2 Rationale and supplemental guidance. 46
12.6 SG-5: Secure operation guidelines . 46
12.6.1 Requirement . 46
12.6.2 Rationale and supplemental guidance. 47
12.7 SG-6: Account management guidelines . 47
12.7.1 Requirement . 47
12.7.2 Rationale and supplemental guidance. 47
12.8 SG-7: Documentation review . 47
12.8.1 Requirement . 47
12.8.2 Rationale and supplemental guidance. 47
Annex A (informative) Possible metrics . 48
Annex B (informative) Table of requirements . 50
Bibliography . 52

Figure 1 – Parts of the IEC 62443 series. 9
Figure 2 – Example scope of product life-cycle . 10
Figure 3 – Defence in depth strategy is a key philosophy of the secure product life-cycle . 18

Table 1 – Maturity levels . 20
Table 2 – Example SDL continuous improvement activities . 26
Table 3 – Required level of independence of testers from developers . 37
Table B.1 – Summary of all requirements . 50

INTERNATIONAL ELECTROTECHNICAL COMMISSION
SECURITY FOR INDUSTRIAL AUTOMATION
AND CONTROL SYSTEMS –
Part 4-1: Secure product development lifecycle requirements

FOREWORD
1) The International Electrotechnical Commission (IEC) is a worldwide organization for standardization comprising
all national electrotechnical committees (IEC National Committees). The object of IEC is to promote
international co-operation on all questions concerning standardization in the electrical and electronic fields. To
this end and in addition to other activities, IEC publishes International Standards, Technical Specifications,
Technical Reports, Publicly Available Specifications (PAS) and Guides (hereafter referred to as “IEC
Publication(s)”). Their preparation is entrusted to technical committees; any IEC National Committee interested
in the subject dealt with may participate in this preparatory work. International, governmental and non-
governmental organizations liaising with the IEC also participate in this preparation. IEC collaborates closely
with the International Organization for Standardization (ISO) in accordance with conditions determined by
agreement between the two organizations.
2) The formal decisions or agreements of IEC on technical matters express, as nearly as possible, an international
consensus of opinion on the relevant subjects since each technical committee has representation from all
interested IEC National Committees.
3) IEC Publications have the form of recommendations for international use and are accepted by IEC National
Committees in that sense. While all reasonable efforts are made to ensure that the technical content of IEC
Publications is accurate, IEC cannot be held responsible for the way in which they are used or for any
misinterpretation by any end user.
4) In order to promote international uniformity, IEC National Committees undertake to apply IEC Publications
transparently to the maximum extent possible in their national and regional publications. Any divergence
between any IEC Publication and the corresponding national or regional publication shall be clearly indicated in
the latter.
5) IEC itself does not provide any attestation of conformity. Independent certification bodies provide conformity
assessment services and, in some areas, access to IEC marks of conformity. IEC is not responsible for any
services carried out by independent certification bodies.
6) All users should ensure that they have the latest edition of this publication.
7) No liability shall attach to IEC or its directors, employees, servants or agents including individual experts and
members of its technical committees and IEC National Committees for any personal injury, property damage or
other damage of any nature whatsoever, whether direct or indirect, or for costs (including legal fees) and
expenses arising out of the publication, use of, or reliance upon, this IEC Publication or any other IEC
Publications.
8) Attention is drawn to the Normative references cited in this publication. Use of the referenced publications is
indispensable for the correct application of this publication.
9) Attention is drawn to the possibility that some of the elements of this IEC Publication may be the subject of
patent rights. IEC shall not be held responsible for identifying any or all such patent rights.
International Standard IEC 62443-4-1 has been prepared by IEC technical committee 65:
Industrial-process measurement, control and automation.
The text of this International Standard is based on the following documents:
FDIS: 65/685/FDIS
Report on voting: 65/688/RVD
Full information on the voting for the approval of this International Standard can be found in
the report on voting indicated in the above table.
This document has been drafted in accordance with the ISO/IEC Directives, Part 2.

A list of all parts in the IEC 62443 series, published under the general title Security for
industrial automation and control systems, can be found on the IEC website.
Future standards in this series will carry the new general title as cited above. Titles of existing
standards in this series will be updated at the time of the next edition.
The committee has decided that the contents of this document will remain unchanged until the
stability date indicated on the IEC website under "http://webstore.iec.ch" in the data related to
the specific document. At this date, the document will be
• reconfirmed,
• withdrawn,
• replaced by a revised edition, or
• amended.
A bilingual version of this publication may be issued at a later date.

IMPORTANT – The 'colour inside' logo on the cover page of this publication indicates
that it contains colours which are considered to be useful for the correct
understanding of its contents. Users should therefore print this document using a
colour printer.
INTRODUCTION
This document is part of a series of standards that addresses the issue of security for
industrial automation and control systems (IACS). This document describes product
development life-cycle requirements related to cyber security for products intended for use in
the industrial automation and control systems environment and provides guidance on how to
meet the requirements described for each element.
This document has been developed in large part from the Secure Development Life-cycle
Assessment (SDLA) Certification Requirements [26] from the ISA Security Compliance
Institute (ISCI). Note that the SDLA procedure was based on the following sources:
– ISO/IEC 15408-3 (Common Criteria) [18];
– Open Web Application Security Project (OWASP) Comprehensive, Lightweight Application
Security Process (CLASP) [36];
– The Security Development Life-cycle by Michael Howard and Steve Lipner [43];
– IEC 61508 Functional safety of electrical/electronic/ programmable electronic
safety-related systems [24], and
– RCTA DO-178B Software Considerations in Airborne Systems and Equipment Certification
[28].
Therefore, all these sources can be considered contributing sources to this document.
This document is the part of the IEC 62443 series that contains security requirements for
developers of any automation and control products where security is a concern.
Figure 1 illustrates the relationship of the different parts of IEC 62443 that were in existence
or planned as of the date of circulation of this document. Those that are normatively
referenced are included in the list of normative references in Clause 2, and those that are
referenced for informational purposes or that are in development are listed in the Bibliography.
(Figures in square brackets refer to the bibliography.)

IEC 62443-4-1:2018 © IEC 2018 – 9 –
IEC TS 62443-1-1 IEC TR 62443-1-2 IEC TS 62443-1-3 IEC TR 62443-1-4
Master glossary of System security
IACS security life-cycle
Terminology, concepts
terms and abbreviations compliance metrics
and use-cases
and models
IEC 62443-2-1 IEC TR 62443-2-2 IEC TR 62443-2-3 IEC 62443-2-4
Establishing an industrial
Implementation guidance Security program
Patch management in
automation and control for an IACS security
requirements for IACS
the IACS environment
system security program management system
service providers
IEC TR 62443-3-1 IEC 62443-3-2 IEC 62443-3-3
System security
Security technologies
Security risk assessment
requirements and
for industrial automation and system design
security levels
and control systems
IEC 62443-4-1 IEC 62443-4-2
Technical security
Product development
requirements for IACS
requirements
components
Published In development Development planned
Published (under review) Out for comment/vote Adoption planned

IEC
Figure 1 – Parts of the IEC 62443 series
Figure 2 illustrates how the developed product relates to maintenance and integration
capabilities defined in IEC 62443-2-4 and to its operation by the asset owner. The product
supplier develops products using a process compliant with this document. Those products
may be a single component, such as an embedded controller, or a group of components
working together as a system or subsystem. The products are then integrated together,
usually by a system integrator, into an Automation Solution using a process compliant with
IEC 62443-2-4. The Automation Solution is then installed at a particular site and becomes
part of the industrial automation and control system (IACS). Some of these capabilities
reference security measures defined in IEC 62443-3-3 [10] that the service provider ensures
are supported in the Automation Solution (either as product features or compensating
mechanisms). This document only addresses the process used for the development of the
product; it does not address design, installation or operation of the Automation Solution or
IACS.
In Figure 2, the Automation Solution is illustrated to contain one or more subsystems and
optional supporting components such as advanced control. The dashed boxes indicate that
these components are “optional”.
NOTE 1 Automation Solutions typically have a single product, but they are not restricted to do so. In some
industries, there may be a hierarchical product structure. In general, the Automation Solution is the set of hardware
and software, independent of product packaging, that is used to control a physical process (for example,
continuous or manufacturing) as defined by the asset owner.
NOTE 2 If a service provider provides products used in the Automation Solution, then the service provider is
fulfilling the role of product supplier in this diagram.
NOTE 3 If a service provider provides products used in the Automation Solution, then the service provider is
fulfilling the role of product supplier in this diagram.

Policies and
Component System
General
procedures
Status
key
– 10 – IEC 62443-4-1:2018 © IEC 2018
Industrial automation and control system (IACS)
Operational and maintenance
Asset
Operates (IEC 62443-2-1,
capabilities (policies and procedures)
Owner
IEC 62443-2-4)
+
Automation Solution (IEC 62443-3-3)
Integrates (IEC 62443-2-4,
System
Complementary
Integrator
hardware and
IEC 62443-3-2)
Subsystem 1 Subsystem 2
software
components
Configured for intended environment
Includes a configured instance  of the Product
Product (IEC 62443-4-2)
system, subsystem, or component such as:
Product
Develops (IEC 62443-4-1)
Supplier
Embedded Network Host
Applications
devices components devices
Independent of the intended environment
IEC
Figure 2 – Example scope of product life-cycle

IEC 62443-4-1:2018 © IEC 2018 – 11 –
SECURITY FOR INDUSTRIAL AUTOMATION
AND CONTROL SYSTEMS –
Part 4-1: Secure product development lifecycle requirements

1 Scope
This part of IEC 62443 specifies process requirements for the secure development of
products used in industrial automation and control systems. It defines a secure development
life-cycle (SDL) for the purpose of developing and maintaining secure products. This life-cycle
includes security requirements definition, secure design, secure implementation (including
coding guidelines), verification and validation, defect management, patch management and
product end-of-life. These requirements can be applied to new or existing processes for
developing, maintaining and retiring hardware, software or firmware for new or existing
products. These requirements apply to the developer and maintainer of the product, but not to
the integrator or user of the product. A summary list of the requirements in this document can
be found in Annex B.
2 Normative references
The following documents are referred to in the text in such a way that some or all of their
content constitutes requirements of this document. For dated references, only the edition
cited applies. For undated references, the latest edition of the referenced document (including
any amendments) applies.
IEC 62443-2-4:2015, Security for industrial automation and control systems – Part 2-4:
Security program requirements for IACS service providers
IEC 62443-2-4:2015/AMD1:2017
3 Terms, definitions, abbreviated terms, acronyms and conventions
3.1 Terms and definitions
For the purposes of this document, the terms and definitions given in IEC TR 62443-1-2 and
the following apply.
ISO and IEC maintain terminological databases for use in standardization at the following
addresses:
• IEC Electropedia: available at http://www.electropedia.org/
• ISO Online browsing platform: available at http://www.iso.org/obp
3.1.1
abuse case
test case used to perform negative operations of a use case
Note 1 to entry: Abuse case tests are simulated attacks often based on the threat model. An abuse case is a type
of complete interaction between a system and one or more actors where the results of the interaction are
intentionally intended to be harmful to the system, one of the actors or one of the stakeholders in the system.
Footnote: Under consideration.
3.1.2
access control
protection of system resources against unauthorized access
3.1.3
access control
process by which use of system resources is regulated according to a security policy and is
permitted by only authorized users according to that policy
Note 1 to entry: Access control includes identification and authentication requirements specified in other parts of
the IEC 62443 series.
3.1.4
administrator
user who has been authorized to manage security policies/capabilities for a product or system
3.1.5
asset
physical or logical object owned by or under the custodial duties of an organization, having
either a perceived or actual value to the organization
Note 1 to entry: In this specific case, an asset is an object that is part of an IACS.
3.1.6
asset owner
individual or organization responsible for one or more IACSs
3.1.7
attack surface
physical and functional interfaces of a system that can be accessed and, therefore, potentially
exploited by an attacker
3.1.8
audit log
event log that requires a higher level of integrity protection than provided by typical event logs
Note 1 to entry: Audit logs are used to protect against claims that repudiate responsibility for an action.
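As an added example (not text or code from IEC 62443-4-1), the following C program shows one way a product can give an event log the higher integrity protection the definition asks for: every entry carries a digest over its sequence number, its message and the previous entry's digest, so a later change to or removal of any entry is detected when the chain is verified. The struct and function names, the sample messages and the use of FNV-1a as a stand-in digest are assumptions of this example.

```c
/* Added example for the "audit log" definition; not part of IEC 62443-4-1.
 * Hash-chained log: entry i commits to entry i-1, so tampering with one
 * entry breaks verification of every entry after it. FNV-1a is a
 * placeholder for a keyed cryptographic MAC or signature (see note). */
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define MAX_ENTRIES 16
#define MSG_LEN 64

struct audit_entry {
    uint64_t seq;          /* position in the log, 0-based */
    char msg[MSG_LEN];     /* event text (constructed sample messages) */
    uint64_t prev;         /* digest of the previous entry, 0 for the first */
    uint64_t digest;       /* digest over seq, msg and prev */
};

struct audit_log {
    struct audit_entry entries[MAX_ENTRIES];
    size_t count;
};

/* FNV-1a 64-bit. Stand-in only: unkeyed and not collision resistant. */
static uint64_t fnv1a(uint64_t h, const void *data, size_t len)
{
    const unsigned char *p = data;
    for (size_t i = 0; i < len; i++) {
        h ^= p[i];
        h *= 1099511628211ULL;
    }
    return h;
}

/* Digest of one entry. Fields are hashed individually so struct padding
 * never enters the digest. */
static uint64_t entry_digest(const struct audit_entry *e)
{
    uint64_t h = 14695981039346656037ULL;
    h = fnv1a(h, &e->seq, sizeof e->seq);
    h = fnv1a(h, e->msg, strlen(e->msg));
    h = fnv1a(h, &e->prev, sizeof e->prev);
    return h;
}

/* Appends an event, linking it to the current chain head. */
bool audit_append(struct audit_log *log, const char *msg)
{
    if (log->count >= MAX_ENTRIES) return false;
    struct audit_entry *e = &log->entries[log->count];
    e->seq = log->count;
    snprintf(e->msg, sizeof e->msg, "%s", msg);
    e->prev = log->count ? log->entries[log->count - 1].digest : 0;
    e->digest = entry_digest(e);
    log->count++;
    return true;
}

/* Walks the chain. Returns -1 when every entry is consistent, otherwise
 * the index of the first entry whose sequence number, back-link or
 * digest does not match. */
int audit_verify(const struct audit_log *log)
{
    uint64_t expect_prev = 0;
    for (size_t i = 0; i < log->count; i++) {
        const struct audit_entry *e = &log->entries[i];
        if (e->seq != i || e->prev != expect_prev ||
            e->digest != entry_digest(e))
            return (int)i;
        expect_prev = e->digest;
    }
    return -1;
}

int main(void)
{
    struct audit_log log = {0};
    audit_append(&log, "operator login");
    audit_append(&log, "setpoint changed");
    printf("chain intact: %s\n", audit_verify(&log) == -1 ? "yes" : "no");
    return 0;
}
```

An unkeyed chain like this only detects modification by someone who cannot rewrite the whole log; a writer who can recompute every digest defeats it. A product that needs non-repudiation therefore keys the digest (a MAC whose key the log writer cannot read, or a signature), and stores the chain head, or the log itself, on write-once or separately controlled storage.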
3.1.9
authentication
provision of assurance that a claimed characteristic of an identity is correct
Note 1 to entry: Not all credentials used to authenticate an identity are created equally. The trustworthiness of the
credential is determined by the configured authentication mechanism. Hardware or software-based mechanisms
can force users to prove their identity before accessing data on a device. A typical example is proving the identity
of a user usually through an identity provider.
Note 2 to entry: Authentication includes verifying human users as well as non-human users such as devices or
processes.
3.1.10
automation solution
control system and any complementary hardware and software components that have been
installed and configured to operate in an IACS
Note 1 to entry: Automation Solution is used as a proper noun in this part of the IEC 62443 series.
Note 2 to entry: The difference between the control system and the Automation Solution is that the control system
is incorporated into the Automation Solution design (for example, a specific number of workstations, controllers and
devices in a specific configuration), which is then implemented. The resulting configuration is referred to as the
Automation Solution.
Note 3 to entry: The Automation Solution can be comprised of components from multiple suppliers including the
product supplier of the control system.
3.1.11
banned function
software method that is no longer recommended to be used in software because more secure
versions exist with less propensity for misuse
Note 1 to entry: Banned functions are sometimes called banned methods or banned Application Programming
Interfaces (APIs).
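The following C program, added here as an illustration and not taken from the standard, shows both sides of the definition: a bounded replacement for the unbounded string copy strcpy(), which reports truncation instead of writing past the buffer, and a small lint that counts calls to functions on a banned list so a coding guideline can be checked automatically. The banned list, the function names and the source fragment it scans are constructed for this example.

```c
/* Added example for the "banned function" definition; not part of IEC
 * 62443-4-1. The BANNED table is a constructed sample, not the standard's
 * list. */
#include <ctype.h>
#include <stdbool.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

struct banned_entry {
    const char *banned;       /* function a guideline no longer allows */
    const char *replacement;  /* safer version with less room for misuse */
};

static const struct banned_entry BANNED[] = {
    { "strcpy",  "strncpy / snprintf with an explicit buffer size" },
    { "strcat",  "strncat with the remaining capacity" },
    { "sprintf", "snprintf" },
    { "gets",    "fgets" },
};
static const size_t BANNED_COUNT = sizeof BANNED / sizeof BANNED[0];

/* Replacement for strcpy(): copies src into dst (capacity dst_size),
 * always NUL-terminates, and reports truncation so the caller can treat
 * it as an error instead of silently losing data. Returns false on bad
 * arguments. */
bool safe_copy(char *dst, size_t dst_size, const char *src, bool *truncated)
{
    if (dst == NULL || src == NULL || dst_size == 0) return false;
    size_t n = strlen(src);
    if (n >= dst_size) {
        memcpy(dst, src, dst_size - 1);
        dst[dst_size - 1] = '\0';
        if (truncated) *truncated = true;
    } else {
        memcpy(dst, src, n + 1);
        if (truncated) *truncated = false;
    }
    return true;
}

static bool is_ident_char(int c) { return isalnum(c) || c == '_'; }

/* Counts call sites of one function name in source text. The name must
 * stand alone as an identifier (so "strcpy_s" or "my_strcat" do not
 * match) and be followed, after optional blanks, by '('. */
static int count_calls(const char *src, const char *name)
{
    int count = 0;
    size_t len = strlen(name);
    const char *p = src;
    while ((p = strstr(p, name)) != NULL) {
        bool left_ok = (p == src) || !is_ident_char((unsigned char)p[-1]);
        const char *q = p + len;
        bool right_ok = !is_ident_char((unsigned char)*q);
        while (*q == ' ' || *q == '\t') q++;
        if (left_ok && right_ok && *q == '(') count++;
        p += len;
    }
    return count;
}

/* Lint entry point: total number of banned-function calls in src. A
 * secure-implementation gate would reject a change whenever this is > 0. */
int count_banned_calls(const char *src)
{
    int total = 0;
    for (size_t i = 0; i < BANNED_COUNT; i++) {
        int c = count_calls(src, BANNED[i].banned);
        if (c > 0)
            printf("%s: %d call(s); use %s\n",
                   BANNED[i].banned, c, BANNED[i].replacement);
        total += c;
    }
    return total;
}

/* Constructed source fragment for the demonstration. */
static const char SAMPLE_SOURCE[] =
    "void f(char *in) {\n"
    "    char buf[16];\n"
    "    strcpy(buf, in);          /* banned: no bound */\n"
    "    strcpy_s(buf, 16, in);    /* not matched: different identifier */\n"
    "    sprintf (buf, \"%s\", in); /* banned: blank before '(' */\n"
    "    my_strcat(buf, in);       /* not matched */\n"
    "}\n";

int main(void)
{
    char out[8];
    bool trunc = false;
    safe_copy(out, sizeof out, "industrial", &trunc);
    printf("copied \"%s\" truncated=%d\n", out, trunc);
    return count_banned_calls(SAMPLE_SOURCE) > 0 ? 1 : 0;
}
```

The text scanner is deliberately simple (it does not parse comments, strings or macros), which is enough for a guideline check that runs in review; a compiler-based tool gives fewer false positives when the list grows.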
3.1.12
best practices
guidelines for securely designing, developing, testing, maintaining or retiring products that the
supplier has
...


The SIST EN IEC 62443-4-1:2018 standard is an essential reference for the security of industrial automation and control systems (IACS). It focuses in particular on the requirements for the secure product development life-cycle, which makes it a major asset for developers in the field of industrial automation. The scope of this standard covers every aspect of the secure development process, defining precise requirements that range from the definition of security requirements to defect management and update management for systems at end of life. This systematic approach ensures that every element of the product life-cycle is taken into account, thereby offering robust protection against cyber threats. Among the strengths of this standard is its clarification of secure design guidelines, which are essential for minimising vulnerabilities from the development phase onwards. In addition, the recommendations on verification and validation serve to guarantee that products meet the defined security requirements, while facilitating the management of defects that may arise during their use. Furthermore, the standard is relevant in the current context, where the security of automation systems is increasingly emphasised, because it responds to growing cybersecurity concerns within industrial environments. It provides concrete solutions for manufacturers and developers by giving them a clear and practicable framework for integrating security into the product development process.
In short, SIST EN IEC 62443-4-1:2018 is an indispensable tool for anyone involved in the design and maintenance of products intended for industrial automation, with its emphasis on secure development practices that meet the current security requirements of the market.

The SIST EN IEC 62443-4-1:2018 standard defines security processes for industrial automation and control systems (IACS) and clearly specifies the security requirements within the product development life-cycle. It has established its position as the principal document that systematically addresses the security requirements of industrial automation and control systems. In particular, its strength lies in describing in detail the comprehensive requirements that support the secure development of products with a focus on cyber security. Through a systematic approach that covers the definition of security requirements, secure design, security during implementation, verification and review, defect and patch management, and the end of the product life-cycle, it guides developers and maintainers in managing the security issues they face effectively. In addition, the standard offers the flexibility to be applied to both new products and existing processes, helping developers and maintainers strengthen product security. Clearly defining the security elements of the development process is another important feature of this standard. Annex B provides a summary list of the requirements, helping developers understand and apply them easily. In this respect, SIST EN IEC 62443-4-1:2018 is a document that every company seeking to strengthen the security of industrial automation and control systems must consult. Applying this standard ultimately plays an important role in minimising cyber security threats in industrial environments and improving product safety.

SIST EN IEC 62443-4-1:2018 is a core standard for the security of industrial automation and control systems (IACS), and it clearly specifies the requirements for a secure product development life-cycle. The scope of the standard defines the secure development process for products used in industrial automation and control systems and provides secure development life-cycle (SDL) requirements related to cyber security. One of its main strengths is that it gives concrete guidance on a range of elements: security requirements definition, secure design, secure implementation (including coding guidelines), verification and validation, defect management, patch management and product end-of-life. These requirements can be applied to the development, maintenance and retirement of hardware, software or firmware, helping products meet current security criteria. In addition, the standard makes clear that it is aimed primarily at product developers and maintainers and does not apply to integrators or end users. This allows companies to build processes systematically so that their products are prepared for cyber threats. The importance of this standard for raising the security level of the industry is considerable, and all relevant companies and developers therefore need to comply with it. Annex B provides a summary list of the requirements and can serve as a useful reference for practical application. As a result, SIST EN IEC 62443-4-1:2018 offers a strong and systematic framework established to ensure the security of industrial automation and control systems, reflecting the cyber security practices that are essential in modern industry.

The SIST EN IEC 62443-4-1:2018 standard is a decisive document that lays down the requirements for the secure product development life-cycle for industrial automation and control systems (IACS). Its scope deals with the process requirements necessary for the secure development of products in this sensitive area. This is particularly relevant because security in industrial automation is gaining importance, especially in view of the growing threat of cyber attacks. One of the standard's greatest strengths is that it provides a clear and structured framework that enables developers to define security requirements systematically. The standard covers various phases of the product life-cycle, including security requirements definition, secure design, secure implementation and validation. This comprehensive view ensures that security aspects are considered from the initial idea to the end of the product's life-cycle. Particular attention is paid to the management of defects and updates, which is of decisive importance for the reliability and security of the products. Another relevant aspect of this standard is that it applies not only to new products but also to existing processes. This makes it easier to integrate security requirements into existing systems, which is especially advantageous in the industrial environment, where stability and reliability have top priority. SIST EN IEC 62443-4-1:2018 helps to create a common understanding and a harmonisation of requirements across the industry. This not only promotes a security culture in the development of automation systems but also helps to strengthen end users' trust in the products.
The clear division into phases and the detailed guidance on meeting the requirements make the standard a valuable guide for developers and manufacturers. Overall, SIST EN IEC 62443-4-1:2018 is a necessary guideline for ensuring cyber security in product development for industrial automation and control systems and provides a solid basis for establishing security practices across the entire industry.

The SIST EN IEC 62443-4-1:2018 standard is a crucial document that outlines the secure product development lifecycle requirements tailored for products utilized in industrial automation and control systems (IACS). This standard is an integral part of the IEC 62443 series, which comprehensively addresses security challenges specific to IACS environments. One of the primary strengths of this standard is its detailed specification of process requirements necessary for the secure development of these products. It ensures that organizations adhere to a secure development life-cycle (SDL) framework, which encompasses various critical elements such as security requirements definition, secure design, and secure implementation. The explicit focus on coding guidelines, verification, validation, defect management, and patch management underscores its relevance in a landscape where cybersecurity vulnerabilities can have severe repercussions on operational integrity and safety. Moreover, the inclusion of the product end-of-life in the lifecycle description highlights the standard's comprehensive nature, ensuring that security considerations extend throughout the entire product lifecycle, from inception to retirement. By addressing both new and existing processes, the document provides flexibility for organizations to integrate these SDL requirements effectively, enhancing the overall security posture of their industrial automation systems. The clear demarcation of responsibilities, indicating that the requirements are applicable solely to the developers and maintainers of the products, reinforces its focused approach. This ensures that developers understand their obligations while delineating the expectations for integrators and users, thereby preventing ambiguities in responsibility. 
Furthermore, Annex B serves as a valuable resource by providing a summary list of the requirements, making it easier for practitioners to reference and implement the necessary protocols to comply with the standard. In summary, the SIST EN IEC 62443-4-1:2018 standard is a vital directive that establishes a framework for secure product development in industrial automation and control systems, addressing contemporary cybersecurity challenges while offering actionable guidance for developers and maintainers. Its thorough and structured approach makes it highly relevant in today’s rapidly evolving technological landscape.

SIST EN IEC 62443-4-1:2018 is an important standard for industrial automation and control systems (IACS) that sets out secure product development life-cycle requirements. It is part of a series of standards addressing cyber security issues in IACS, and its scope is broad, covering all processes involved in the development, maintenance and retirement of hardware, software and firmware. The standard's strength is that it provides clear guidance on secure development life-cycle (SDL) requirements related to cyber security. Specifically, it covers security requirements definition, secure design, secure implementation (including coding guidelines), verification and validation, defect management, patch management and product end-of-life. This allows developers and maintainers to adopt a systematic and effective approach to maintaining security throughout product development. Furthermore, IEC 62443-4-1:2018 can be applied to both new and existing processes, so companies can keep security in view on an ongoing basis for existing systems as well as newly developed ones. Annex B provides a summary list of the requirements, a useful reference that lets developers grasp the requirements quickly and implement them appropriately. Importantly, these requirements apply only to the product's developers and maintainers, not to the product's integrators or users. This limitation makes the standard development-specific and a reliable guide for engineers working at the front line of security management.

The SIST EN IEC 62443-4-1:2018 standard is a fundamental document in the field of security for industrial automation and control systems (IACS). Its main objective is to specify the process requirements for the secure development of products used in this sector. As a key element of the IEC 62443 series, this standard addresses the crucial cybersecurity issues within product development processes. One of the major strengths of SIST EN IEC 62443-4-1:2018 lies in its complete coverage of the phases of the secure development life-cycle (SDL). It stipulates clear requirements for security requirements definition, secure design, secure implementation (including coding guidelines), and verification and validation. This robust framework allows developers to make sure that products meet the security criteria before they are placed on the market. Another important aspect is defect management, patch management and the handling of product end-of-life, which ensures continuity of security throughout the product life-cycle. These requirements apply both to new processes and to those already in place for the development, maintenance and retirement of hardware, software or firmware, which reinforces their relevance. It is also essential to note that the requirements of this standard are aimed specifically at the developers and maintainers of products, leaving aside integrators and end users. This underlines the importance of designers' responsibility in creating secure systems. Annex B of the standard also offers a useful summary of the requirements, making them easier to consult and apply.
In short, the SIST EN IEC 62443-4-1:2018 standard is an essential document for guaranteeing security in the development of industrial automation systems, providing clear and exhaustive guidelines for implementing cybersecurity measures suited to this complex environment.

SIST EN IEC 62443-4-1:2018 is an important standard that sets out secure product development life-cycle requirements for products in industrial automation and control systems. It contains requirements for a secure development process related to cyber security and focuses in particular on products intended for use in IACS (Industrial Automation and Control Systems) environments. The standard's strength lies in its clear description of the life-cycle and its concrete definition of security requirements. Specifically, it covers the whole process, from secure design, secure implementation (including coding guidelines), verification and validation, defect management and patch management through to product end-of-life, and is designed so that developers and maintainers can ensure security consistently. These requirements can also be applied to existing processes as well as new ones, and they address hardware development as well as software and firmware. The relevance of this standard stands out particularly as cyber attacks increase and the importance of security in industry grows. In today's complex technical environment, ensuring product security requires a systematic and comprehensive approach, and SIST EN IEC 62443-4-1:2018 provides the basic framework for it. Annex B also provides a concise list of the requirements, which increases its usefulness in practice. For these reasons, SIST EN IEC 62443-4-1:2018 can be called a very important standard for every professional involved in the development of industrial automation and control systems.

The standard SIST EN IEC 62443-4-1:2018 offers a comprehensive framework for the secure development of products specifically designed for industrial automation and control systems (IACS). Its primary focus is on establishing clear and actionable requirements throughout the secure development lifecycle (SDL). One of the strengths of this standard is its clarity in defining each phase of the SDL, which includes critical processes such as security requirements definition, secure design, secure implementation, and robust verification and validation measures. By emphasizing these elements, the standard provides a structured approach to mitigating risks associated with cybersecurity vulnerabilities in products utilized within IACS environments. Moreover, the inclusion of defect management, patch management, and considerations for product end-of-life reinforces the importance of maintaining security throughout a product's lifespan. This holistic view ensures that security is not only addressed during initial development but is also a continuing concern throughout the entire product lifecycle. The document is particularly relevant for developers and maintainers of industrial automation products, offering tailored guidance that simplifies the complexities surrounding cybersecurity in these environments. It delineates responsibilities, making it clear that the outlined SDL requirements are directed toward product developers, thereby streamlining security practices within development teams. Another notable aspect of the SIST EN IEC 62443-4-1:2018 is Annex B, which provides a succinct summary list of the requirements. This annex serves as a valuable quick reference for stakeholders engaged in the secure development process, enhancing the usability of the standard. 
In conclusion, the SIST EN IEC 62443-4-1:2018 standard is a pivotal resource for organizations committed to enhancing the security of their industrial automation and control systems through a well-defined secure product development lifecycle. Its strengths lie in its comprehensive scope, detailed process specifications, and focused applicability, establishing it as an essential reference in contemporary cybersecurity practices within the industrial sector.

SIST EN IEC 62443-4-1:2018 is a significant document that deals comprehensively with the requirements for a secure product development life-cycle in industrial automation and control systems (IACS). The standard lays down clear process requirements that are needed for the secure development of products in this critical area. An outstanding aspect of the standard is its well-defined framework for security requirements. It covers all essential phases of the life-cycle, including the definition of security requirements, secure design, secure implementation (including specific coding guidelines), and validation and verification. These stages are decisive in ensuring that products meet the high demands of cyber security. The standard also provides valuable guidance on defect management, patch management and the handling of product end-of-life. By providing such detailed instructions, it helps companies to make both new and existing development processes secure. The relevance of this standard can hardly be overstated, particularly in an age marked by increasing cyber threats. In addition, the requirements are directed exclusively at the developers and maintainers of products, which means that integrators and end users are not directly affected. This allows companies to optimise their internal processes in a targeted way and to implement security measures proactively. The compilation of the requirements in Annex B also makes it easier to access the key points that must be considered when implementing the security standards.
Overall, SIST EN IEC 62443-4-1:2018 is an essential guideline that contributes significantly to improving security in industrial automation and control systems. Through its structured approach and comprehensive coverage of all necessary aspects of the secure product development life-cycle, it sets new benchmarks in the industry.