Security & Monitoring
IEC 62443 standard addresses cybersecurity for industrial
automation and control systems Impulse Embedded together with MOXA offer a proactive approach to safeguarding infrastructures
I
EC 62443-4-2 is a standard within the IEC 62443 series, which addresses cybersecurity for industrial automation and control systems (IACS). Specifically, IEC 62443-4-2 defines the technical security requirements for IACS components. IEC 62443-4-2 works in conjunction with IEC 62443-4-1, which focuses on the secure development lifecycle requirements for IACS products. Together, these standards ensure that both the development processes and the technical specifications of the components meet rigorous cybersecurity standards. These standards have become mandatory technical requirements in many countries, and as demand for product security increases, it has become a growing requirement for manufacturers to prove the security level for their Industrial IoT equipment. Given its applicability with the recent NIS2 directive, what are the key aspects of the standard and how can MOXA’s device portfolio contribute to upholding a regulatory level of cybersecurity?
18 March 2025
IEC 62443-4-2 provides detailed cybersecurity requirements for individual IACS components. These components can include: Embedded devices: Devices with computing power and memory, typically used in field operations.
Network components: Devices such as switches, routers, and firewalls that facilitate communication within the IACS.
Host devices: General-purpose computing devices such as servers and workstations.
Software applications: Software that runs on host devices and provides various functions within the IACS. The standard is intended for use by developers, integrators, and operators of IACS to ensure that their components meet the necessary security requirements. The goal is to ensure that each component meets a baseline level of security, thereby contributing to the system’s overall security.
The standard outlines different security levels (SL1 to SL4), which represent increasing degrees of security. Each level corresponds
Components in Electronics
to the component’s resilience against attacks with different levels of complexity. Components must meet the requirements for the desired security level appropriate to their intended deployment environment.
IEC 62443-4-2 specifies several foundational requirements (FRs): FR1 - Identification and Authentication Control (IAC): Ensuring that entities (users, devices, software processes) are properly identified and authenticated before accessing system resources.
FR2 - Use Control (UC): Ensuring that authenticated entities have appropriate access permissions.
FR3 - System Integrity (SI): Protecting the integrity of the system and its data.
FR4 - Data Confidentiality (DC): Ensuring that data is protected from unauthorised access.
FR5 - Restricted Data Flow (RDF): Controlling the flow of data to ensure it is only accessible to authorised entities.
FR6 - Timely Response to Events (TRE): Ensuring that security-related events are responded to promptly.
FR7 - Resource Availability (RA): Ensuring the availability of necessary resources for system operation. Adhering to these standards can help organisations better protect their systems from cyber threats and ensure safe and reliable operations.
MOXA’s IEC 62443-4-2 SL2
Thankfully, MOXA has many devices in their portfolio that are IEC 62443-4-2 certified and, therefore, conform to the cybersecurity standards for secure industrial purposes. This includes the EDS-4000/G4000 series of industrial ethernet switches, which are among the world’s first to achieve this certification. The series consists of 68 models, ranging from 8 to 14 ports.
Aside from the EDS-4000/G4000, other devices manufactured by MOXA that are compliant with the standards are:
www.cieonline.co.uk
Page 1 |
Page 2 |
Page 3 |
Page 4 |
Page 5 |
Page 6 |
Page 7 |
Page 8 |
Page 9 |
Page 10 |
Page 11 |
Page 12 |
Page 13 |
Page 14 |
Page 15 |
Page 16 |
Page 17 |
Page 18 |
Page 19 |
Page 20 |
Page 21 |
Page 22 |
Page 23 |
Page 24 |
Page 25 |
Page 26 |
Page 27 |
Page 28 |
Page 29 |
Page 30 |
Page 31 |
Page 32 |
Page 33 |
Page 34 |
Page 35 |
Page 36 |
Page 37 |
Page 38 |
Page 39 |
Page 40 |
Page 41 |
Page 42 |
Page 43 |
Page 44 |
Page 45 |
Page 46 |
Page 47 |
Page 48 |
Page 49 |
Page 50 |
Page 51 |
Page 52 |
Page 53 |
Page 54 |
Page 55 |
Page 56