ISA 62443-1-1-2007 Security for Industrial Automation and Control Systems Part 1 Terminology Concepts and Models (99 01 01).pdf
《ISA 62443-1-1-2007 Security for Industrial Automation and Control Systems Part 1 Terminology Concepts and Models (99 01 01).pdf》由会员分享,可在线阅读,更多相关《ISA 62443-1-1-2007 Security for Industrial Automation and Control Systems Part 1 Terminology Concepts and Models (99 01 01).pdf(94页珍藏版)》请在麦多课文档分享上搜索。
1、 AMERICAN NATIONAL STANDARD ANSI/ISA62443-1-1 (99.01.01)2007 (formerly designated as ANSI/ISA-99.00.01-2007) Security for Industrial Automation and Control Systems Part 1-1: Terminology, Concepts, and Models Approved 29 October 2007 ANSI/ISA62443-1-1 (99.01.01)2007 (formerly designated as ANSI/ISA-9
2、9.00.01-2007) Security for Industrial Automation and Control Systems Part 1-1: Terminology, Concepts, and Models ISBN: 978-1-934394-37-3 Copyright 2007 by ISA. All rights reserved. Not for resale. Printed in the United States of America. No part of this publication may be reproduced, stored in a ret
3、rieval system, or transmitted in any form or by any means (electronic mechanical, photocopying, recording, or otherwise), without the prior written permission of the Publisher. ISA 67 Alexander Drive P. O. Box 12277 Research Triangle Park, NC 27709 USA 3 ANSI/ISA62443-1-1 (99.01.01)2007 Copyright 20
4、07 ISA. All rights reserved. Preface This preface, as well as all footnotes and annexes, is included for information purposes and is not part of ANSI/ISA62443-1-1 (99.01.01)2007. This document has been prepared as part of the service of ISA, toward a goal of uniformity in the field of instrumentatio
5、n. To be of real value, this document should not be static but should be subject to periodic review. Toward this end, the Society welcomes all comments and criticisms and asks that they be addressed to the Secretary, Standards and Practices Board; ISA; 67 Alexander Drive; P. O. Box 12277; Research T
6、riangle Park, NC 27709; Telephone (919) 549-8411; Fax (919) 549-8288; E-mail: standardsisa.org. It is the policy of ISA to encourage and welcome the participation of all concerned individuals and interests in the development of ISA standards, recommended practices, and technical reports. Participati
7、on in the ISA standards-making process by an individual in no way constitutes endorsement by the employer of that individual, of ISA, or of any of the standards, recommended practices, and technical reports that ISA develops. CAUTION ISA adheres to the policy of the American National Standards Insti
8、tute with regard to patents. If ISA is informed of an existing patent that is required for use of the standard, it will require the owner of the patent to either grant a royalty-free license for use of the patent by users complying with the standard or a license on reasonable terms and conditions th
9、at are free from unfair discrimination. Even if ISA is unaware of any patent covering this standard, the user is cautioned that implementation of the standard may require use of techniques, processes, or materials covered by patent rights. ISA takes no position on the existence or validity of any pa
10、tent rights that may be involved in implementing the standard. ISA is not responsible for identifying all patents that may require a license before implementation of the standard or for investigating the validity or scope of any patents brought to its attention. The user should carefully investigate
11、 relevant patents before using the standard for the users intended application. However, ISA asks that anyone reviewing this standard who is aware of any patents that may impact implementation of the standard notify the ISA Standards and Practices Department of the patent and its owner. Additionally
12、, the use of this standard may involve hazardous materials, operations or equipment. The standard cannot anticipate all possible applications or address all possible safety issues associated with use in hazardous conditions. The user of this standard must exercise sound professional judgment concern
13、ing its use and applicability under the users particular circumstances. The user must also consider the applicability of any governmental regulatory limitations and established safety and health practices before implementing this standard. ANSI/ISA62443-1-1 (99.01.01)2007 4 Copyright 2007 ISA. All r
14、ights reserved. The following participated as voting members of ISA99 in the development of this standard: NAME COMPANY B. Singer, Chair Fluid IQs R. Webb, Managing Director Consultant E. Cosman, Lead Editor The Dow Chemical Co. R. Bhojani Bayer Technology Services M. Braendle ABB D. Brandl BR a pro
15、cess by which use of system resources is regulated according to a security policy and is permitted by only authorized entities (users, programs, processes, or other systems) according to that policy 11. 3.2.3 accountability property of a system (including all of its system resources) that ensures th
16、at the actions of a system entity may be traced uniquely to that entity, which can be held responsible for its actions 11. 3.2.4 application software program that performs specific functions initiated by a user command or a process event and that can be executed without access to system control, mon
17、itoring, or administrative privileges 9. 3.2.5 area subset of a sites physical, geographic, or logical group of assets. NOTE: An area may contain manufacturing lines, process cells, and production units. Areas may be connected to each other by a site local area network and may contain systems relate
18、d to the operations performed in that area. 3.2.6 asset physical or logical object owned by or under the custodial duties of an organization, having either a perceived or actual value to the organization. NOTE: In the case of industrial automation and control systems the physical assets that have th
19、e largest directly measurable value may be the equipment under control. 3.2.7 association cooperative relationship between system entities, usually for the purpose of transferring information between them 11. 3.2.8 assurance attribute of a system that provides grounds for having confidence that the
20、system operates such that the system security policy is enforced. ANSI/ISA62443-1-1 (99.01.01)2007 20 Copyright 2007 ISA. All rights reserved. 3.2.9 attack assault on a system that derives from an intelligent threat i.e., an intelligent act that is a deliberate attempt (especially in the sense of a
21、method or technique) to evade security services and violate the security policy of a system 11. NOTE: There are different commonly recognized classes of attack: An “active attack“ attempts to alter system resources or affect their operation. A “passive attack“ attempts to learn or make use of inform
22、ation from the system but does not affect system resources. An “inside attack“ is an attack initiated by an entity inside the security perimeter (an “insider“) i.e., an entity that is authorized to access system resources but uses them in a way not approved by those who granted the authorization. An
23、 “outside attack“ is initiated from outside the perimeter, by an unauthorized or illegitimate user of the system (including an insider attacking from outside the security perimeter). Potential outside attackers range from amateur pranksters to organized criminals, international terrorists, and hosti
24、le governments. 3.2.10 attack tree formal, methodical way of finding ways to attack the security of a system. 3.2.11 audit independent review and examination of records and activities to assess the adequacy of system controls, to ensure compliance with established policies and operational procedures
- 1.请仔细阅读文档,确保文档完整性,对于不预览、不比对内容而直接下载带来的问题本站不予受理。
- 2.下载的文档,不会出现我们的网址水印。
- 3、该文档所得收入(下载+内容+预览)归上传者、原创作者;如果您是本文档原作者,请点此认领!既往收益都归您。
下载文档到电脑,查找使用更方便
10000 积分 0人已下载
下载 | 加入VIP,交流精品资源 |
- 配套讲稿:
如PPT文件的首页显示word图标,表示该PPT已包含配套word讲稿。双击word图标可打开word文档。
- 特殊限制:
部分文档作品中含有的国旗、国徽等图片,仅作为作品整体效果示例展示,禁止商用。设计者仅对作品中独创性部分享有著作权。
- 关 键 词:
- ISA62443112007SECURITYFORINDUSTRIALAUTOMATIONANDCONTROLSYSTEMSPART1TERMINOLOGYCONCEPTSANDMODELS990101PDF
链接地址:http://www.mydoc123.com/p-789739.html