ISA committee launches major effort, nears completion of standards
In meetings at ISA EXPO this week, the ISA-SP99 Industrial Automation and Control Systems Security Committee focused on preparations to issue its first two standards and an updated guideline for committee voting, while launching a new working group to develop another standard in the ISA-99 series.
The committee decided to issue its Part 1 draft standard in November for what is expected to be a final round of committee voting. This standard, "Security for Industrial Automation and Control Systems: Concepts, Terminology and Models," will define the concepts, terminology, and models of industrial automation and control systems security, establishing the basis for the remaining standards in the ISA-99 series.
"Previous reviews and voting on the Part 1 draft generated over 250 comments from control system security experts across industry," stated Eric Cosman, of Dow Chemical Company and ISA-SP99 principal editor. "This input has considerably strengthened the draft and we are very confident our upcoming ballot will lead to publication of Part 1 as an American National Standard in early 2007," he added.
Prior reviews and voting on the Part 2 draft standard, "Establishing an Industrial Automation and Control Systems Security Program," resulted in a similar influx of comments that are being factored into a revised draft planned for committee balloting in early 2007. "As with Part 1, the review and commenting process has strengthened the Part 2 draft considerably," stated Part 2 editor James Gilsinn of the National Institute of Standards and Technology. The Part 2 standard will provide detailed guidance for developing a management system and program for the cyber security of industrial automation and control systems.
The ISA-SP99 committee made two additional announcements at ISA EXPO:
%%POINT%% Launch of a new working group to develop the ISA-99 Part 4 standard, Specific Security Requirements for Industrial Automation and Control Systems, which will provide the details of how security levels can be measured and established for specific systems, hardware and software.
%%POINT%% The impending release for committee voting of an update of ISA-TR99.00.01, Security Technologies for Industrial Automation and Control Systems, which provides an evaluation and assessment of current types of electronic security technologies and tools that may be employed by end-user companies for securing these systems against cyber attack.
Case Study Database
Get more exposure for your case study by uploading it to the Control Engineering case study database, where end-users can identify relevant solutions and explore what the experts are doing to effectively implement a variety of technology and productivity related projects.
These case studies provide examples of how knowledgeable solution providers have used technology, processes and people to create effective and successful implementations in real-world situations. Case studies can be completed by filling out a simple online form where you can outline the project title, abstract, and full story in 1500 words or less; upload photos, videos and a logo.
Click here to visit the Case Study Database and upload your case study.