分享
IEC_TR_62443-2-3-2015.pdf
下载文档

ID:234975

大小:1.65MB

页数:66页

格式:PDF

时间:2023-03-14

收藏 分享赚钱
温馨提示:
1. 部分包含数学公式或PPT动画的文件,查看预览时可能会显示错乱或异常,文件下载后无此问题,请放心下载。
2. 本文档由用户上传,版权归属用户,汇文网负责整理代发布。如果您对本文档版权有争议请及时联系客服。
3. 下载前请仔细阅读文档内容,确认文档内容符合您的需求后进行下载,若出现内容与标题不符可向本站投诉处理。
4. 下载文档时可能由于网络波动等原因无法下载或下载错误,付费完成后未能成功下载的用户请联系客服处理。
网站客服:3074922707
IEC_TR_62443 2015
IEC TR 62443-2-3 Edition 1.0 2015-06 TECHNICAL REPORT Security for industrial automation and control systems Part 2-3:Patch management in the IACS environment IEC TR 62443-2-3:2015-06(en)colourinside THIS PUBLICATION IS COPYRIGHT PROTECTED Copyright 2015 IEC,Geneva,Switzerland All rights reserved.Unless otherwise specified,no part of this publication may be reproduced or utilized in any form or by any means,electronic or mechanical,including photocopying and microfilm,without permission in writing from either IEC or IECs member National Committee in the country of the requester.If you have any questions about IEC copyright or have an enquiry about obtaining additional rights to this publication,please contact the address below or your local IEC member National Committee for further information.IEC Central Office Tel.:+41 22 919 02 11 3,rue de Varemb Fax:+41 22 919 03 00 CH-1211 Geneva 20 infoiec.ch Switzerland www.iec.ch A bout the IEC The International Electrotechnical Commission(IEC)is the leading global organization that prepares and publishes International Standards for all electrical,electronic and related technologies.About IEC publications The technical content of IEC publications is kept under constant review by the IEC.Please make sure that you have the latest edition,a corrigenda or an amendment might have been published.IEC Catalogue-webstore.iec.ch/catalogue The stand-alone application for consulting the entire bibliographical infor mation on IEC Inter national Standards,Technical Specifications,Technical Reports and other documents.Available for PC,Mac OS,Andr oid Tablets and iPad.IEC publications search-www.iec.ch/searchpub The advanced search enables to find IEC publications by a variety of criter ia(r efer ence number,text,technical committee,).It also gives information on pr ojects,replaced and w ithdr awn publications.IEC Just Published-webstore.iec.ch/justpublished Stay up to date on all new IEC publications.Just Published details all new publications released.Available online and also once a month by email.Electropedia-www.electropedia.org The w or lds leading online dictionary of electronic and electr ical ter ms containing more than 30 000 ter ms and definitions in English and French,w ith equivalent ter ms in 15 additional languages.Also known as the Inter national Electr otechnical Vocabulary (IEV)online.IEC Glossary -std.iec.ch/glossary Mor e than 60 000 electrotechnical terminology entries in English and Fr ench extr acted fr om the Terms and Definitions clause of IEC publications issued since 2002.Some entr ies have been collected fr om ear lier publications of IEC TC 37,77,86 and CISPR.IEC Customer Serv ice Centre-webstore.iec.ch/csc If you w ish to give us y our feedback on this publication or need further assistance,please contact the Customer Ser vice Centr e:csciec.ch.IEC TR 62443-2-3 Edition 1.0 2015-06 TECHNICAL REPORT Security for industrial automation and control systems Part 2-3:Patch management in the IACS environment INTERNATIONAL ELECTROTECHNICAL COMMISSION ICS:25.040.40;35.040;35.100 ISBN 978-2-8322-2768-8 Registered trademark of the International Electrotechnical Commission Warning!Make sure that y ou obtained this publication from an authorized distributor.colourinside 2 IEC TR 62443-2-3:2015 IEC 2015 CONTENTS FOREWORD.5 INTRODUCTION.7 1 Scope.8 2 Normative references.8 3 Terms,definitions,abbreviated terms and acronyms.8 3.1 Terms and definitions.8 3.2 Abbreviated terms and acronyms.9 4 Industrial automation and control system patching.11 4.1 Patching problems faced in industrial automation and control systems.11 4.2 Impacts of poor patch management.11 4.3 Obsolete IACS patch management mitigation.12 4.4 Patch lifecycle state.12 5 Recommended requirements for asset owner.13 6 Recommended requirements for IACS product supplier.14 7 Exchanging patch information.14 7.1 General.14 7.2 Patch information exchange format.15 7.3 Patch compatibility information filename convention.15 7.4 VPC file schema.15 7.5 VPC file element definitions.17 Annex A(informative)VPC XSD file format.21 A.1 VPC XSD file format specification.21 A.2 Core component types.23 A.2.1 Overview.23 A.2.2 CodeType.23 A.2.3 DateTimeType.24 A.2.4 IdentifierType.24 A.2.5 IndicatorType.25 A.2.6 TextType.25 Annex B(informative)IACS asset owner guidance on patching.26 B.1 Annex organization.26 B.2 Overview.26 B.3 Information gathering.27 B.3.1 Inventory of existing environment.27 B.3.2 Tools for manual and automatic scanning.29 B.3.3 IACS product supplier contact and relationship building.30 B.3.4 Supportability and product supplier product lifecycle.32 B.3.5 Evaluation and assessment of existing environment.32 B.3.6 Classification and categorization of assets/hardware/software.33 B.4 Project planning and implementation.36 B.4.1 Overview.36 B.4.2 Developing the business case.37 B.4.3 Establishing and assigning roles and responsibilities.38 B.4.4 Testing environment and infrastructure.40 B.4.5 Implement backu

此文档下载收益归作者所有

下载文档
你可能关注的文档
收起
展开