ISA committee launches major effort, nears completion of standards
In meetings at ISA EXPO this week, the ISA-SP99 Industrial Automation and Control Systems Security Committee focused on preparations to issue its first two standards and an updated guideline for committee voting, while launching a new working group to develop another standard in the ISA-99 series.
The committee decided to issue its Part 1 draft standard in November for what is expected to be a final round of committee voting. This standard, “Security for Industrial Automation and Control Systems: Concepts, Terminology and Models,” will define the concepts, terminology, and models of industrial automation and control systems security, establishing the basis for the remaining standards in the ISA-99 series.
“Previous reviews and voting on the Part 1 draft generated over 250 comments from control system security experts across industry,” stated Eric Cosman, of Dow Chemical Company and ISA-SP99 principal editor. “This input has considerably strengthened the draft and we are very confident our upcoming ballot will lead to publication of Part 1 as an American National Standard in early 2007,” he added.
Prior reviews and voting on the Part 2 draft standard, “Establishing an Industrial Automation and Control Systems Security Program,” resulted in a similar influx of comments that are being factored into a revised draft planned for committee balloting in early 2007. “As with Part 1, the review and commenting process has strengthened the Part 2 draft considerably,” stated Part 2 editor James Gilsinn of the National Institute of Standards and Technology. The Part 2 standard will provide detailed guidance for developing a management system and program for the cyber security of industrial automation and control systems.
The ISA-SP99 committee made two additional announcements at ISA EXPO:
%%POINT%% Launch of a new working group to develop the ISA-99 Part 4 standard, Specific Security Requirements for Industrial Automation and Control Systems, which will provide the details of how security levels can be measured and established for specific systems, hardware and software.
%%POINT%% The impending release for committee voting of an update of ISA-TR99.00.01, Security Technologies for Industrial Automation and Control Systems, which provides an evaluation and assessment of current types of electronic security technologies and tools that may be employed by end-user companies for securing these systems against cyber attack.
Do you have experience and expertise with the topics mentioned in this content? You should consider contributing to our WTWH Media editorial team and getting the recognition you and your company deserve. Click here to start this process.