ISA-IEC-62443 Reviews Questions

Asymmetric (public) key algorithms are a type of cryptographic algorithms that require more than one key. Asymmetric key algorithms use a pair of keys, one for encryption and one for decryption, that are mathematically related but not identical1. The encryption key is usually made public, while the decryption key is kept private. This allows anyone to encrypt a message using the public key, but only the intended recipient can decrypt it using the private key1. Asymmetric key algorithms are also known as public key algorithms or public key cryptography1. Asymmetric key algorithms are used for various purposes, such as digital signatures, key exchange, and encryption2. Some examples of asymmetric key algorithms are RSA, Diffie-Hellman, ElGamal, and Elliptic Curve Cryptography2.

According to the ISA/IEC 62443-3-2 standard, implementing countermeasures is one of the steps in the security risk assessment for system design. The standard defines a comprehensive set of engineering measures to guide organizations through the process of assessing the risk of a particular industrial automation and control system (IACS) and identifying and applying security countermeasures to reduce that risk to tolerable levels. The standard recommends the following steps for implementing countermeasures:

Establish the risk tolerance: This step involves determining the acceptable level of risk for the organization and the system under consideration, based on the business objectives, legal and regulatory requirements, and stakeholder expectations. The risk tolerance can be expressed as a target security level (SL-T) for each zone or conduit in the system.

Select common countermeasures: This step involves selecting the appropriate security countermeasures for each zone or conduit, based on the SL-T and the existing security level (SL-A) of the system. The standard provides a list of common countermeasures for each security level, covering the domains of physical security, network security, system security, and application security. The selected countermeasures should be documented and justified in the security risk assessment report. References: ISA/IEC 62443 Cybersecurity Series Designated as IEC Horizontal Standards, Cybersecurity Risk Assessment According to ISA/IEC 62443-3-2

Datagram Transport Layer Security (DTLS) and Secure Sockets Layer (SSL) are both commonly used protocols for managing secure data transmission on the Internet. DTLS is a variant of SSL that is designed to work over datagram protocols such as UDP, which are used for real-time applications such as voice and video. SSL is a protocol that provides encryption, authentication, and integrity for data transmitted over TCP, which is used for reliable and ordered delivery of data. Both DTLS and SSL use certificates and asymmetric cryptography to establish a secure session between the communicating parties, and then use symmetric cryptography to encrypt the data exchanged. DTLS and SSL are widely used in web browsers, email clients, VPNs, and other applications that require secure communication over the Internet. References:

ISA/IEC 62443 Standards to Secure Your Industrial Control System, Module 3: Introduction to Cryptography, pages 3-5 to 3-7

Using the ISA/IEC 62443 Standards to Secure Your Control System, Chapter 6: Securing Communications, pages 125-126

Patch management is the process of applying software updates to fix security vulnerabilities, improve functionality, or enhance performance. Patch management is an essential part of cybersecurity, as unpatched systems can be exploited by malicious actors. However, patch management for industrial automation and control systems (IACS) is more challenging than for business systems, because patching a live automation system can create safety risks. According to the ISA/IEC 62443 standards, patching an IACS may have the following potential impacts1:

Patching may introduce new vulnerabilities or errors that compromise the availability, integrity, or confidentiality of the IACS.

Patching may affect the functionality or performance of the IACS, causing unexpected or undesired behavior, such as process shutdowns, slowdowns, or failures.

Patching may require downtime or reduced operation of the IACS, which may affect production, quality, or profitability.

Patching may require additional resources, such as personnel, equipment, or testing facilities, which may not be readily available or affordable.

Therefore, patch management for IACS requires careful planning, testing, and validation before applying patches to the operational environment. The ISA/IEC 62443 standards provide guidance and best practices for patch management in the IACS environment, such as1:

Establishing a patch management program that defines roles, responsibilities, policies, and procedures for patching IACS components and systems.

Identifying and prioritizing the IACS assets that need patching, based on their criticality, vulnerability, and risk level.

Evaluating and verifying the patches for compatibility, functionality, and security before applying them to the IACS.

Implementing and documenting the patching process, including backup, recovery, and rollback procedures, in case of patch failure or adverse effects.

Monitoring and auditing the patching activities and outcomes, and reporting any issues or incidents.