UNLIMITED FREE
ACCESS TO THE WORLD'S BEST IDEAS

SUBMIT
Already a GlobalSpec user? Log in.

This is embarrasing...

An error occurred while processing the form. Please try again in a few minutes.

Customize Your GlobalSpec Experience

Select Your Free Newsletters

Industry Newsletters

Select Your Free Product Alerts

Finish!
Privacy Policy

This is embarrasing...

An error occurred while processing the form. Please try again in a few minutes.

ISO/IEC 24392

Cybersecurity — Security reference model for industrial internet platform (SRM-IIP)

active, Most Current
Organization: ISO
Publication Date: 1 July 2023
Status: active
Page Count: 42
ICS Code (IT Security): 35.030
scope:

This document presents specific characteristics of industrial internet platforms (IIPs), including related security threats, context-specific security control objectives and security controls.

This document covers specific security concerns in the industrial context and thus complements generic security standards and reference models. In particular, this document includes secure data collection and transmission among industrial devices, data security of industrial cloud platforms, and secure collaborations with various industry stakeholders.

The users of this document are organizations who develop, operate, or use any components of IIPs, including third parties who provide services to the abovementioned stakeholders.

This document provides recommendations for users on how to protect IIPs against IIP-specific threats.

Document History

ISO/IEC 24392
July 1, 2023
Cybersecurity — Security reference model for industrial internet platform (SRM-IIP)
This document presents specific characteristics of industrial internet platforms (IIPs), including related security threats, context-specific security control objectives and security controls. This...

References

This document references:
IEC 61000-1-2 - Electromagnetic compatibility (EMC) - Part 1-2: General - Methodology for the achievement of functional safety of electrical and electronic systems including equipment with regard to electromagnetic phenomena
Published by IEC on April 1, 2016
This part of IEC 61000 establishes a methodology for the achievement of functional safety only with regard to electromagnetic phenomena. This methodology includes the implication it has on equipment...
This document references:
IEC 62351-3 - Power systems management and associated information exchange – Data and communications security – Part 3: Communication network and system security – Profiles including TCP/IP
Published by IEC on February 1, 2020
Scope This part of IEC 62351 specifies how to provide confidentiality, integrity protection, and message level authentication for SCADA and telecontrol protocols that make use of TCP/IP as a message...
This document references:
IEC/TS 62351-8 - Power systems management and associated information exchange – Data and communications security – Part 8: Role-based access control
Published by IEC on September 1, 2011
This technical specification covers the access control of users and automated agents – in the following subjects – to data objects in power systems by means of role-based access control (RBAC). RBAC...
This document references:
IEC 62443-3-2 - Security for industrial automation and control systems – Part 3-2: Security risk assessment for system design
Published by IEC on June 1, 2020
This part of IEC 62443 establishes requirements for: • defining a system under consideration (SUC) for an industrial automation and control system (IACS); • partitioning the SUC into zones and...
This document references:
IEC 62443-4-1 - Security for industrial automation and control systems – Part 4-1: Secure product development lifecycle requirements
Published by IEC on January 1, 2018
This part of IEC 62443 specifies process requirements for the secure development of products used in industrial automation and control systems. It defines a secure development life-cycle (SDL) for...
View Less
View All
Advertisement