ISA99: TRAZAR UN PLAN DE TRABAJO LAS NORMAS DE SEGURIDAD EN UNA NUEVA DÉCADA DE RIESGO
RESUMEN
ISA99: CHARTING A SECURITY STANDARDS ROADMAP INTO A RISKY NEW DECADE
And so as ISA Standards enters its seventh decade, a major focus continues on standards and guidelines to reduce the possibilities and limit the impacts of cyber threats to industrial systems and critical infrastructure. This work is performed primarily by the ISA99 committee on Industrial Automation and Control Systems Security, but draws from and impacts work across the ISA standards world and beyond.
THE ISA99 ROADMAP
IN the past year, ISA99 has established a roadmap that calls for delivering at least 14 standards and technical reports addressing vital aspects of industrial control systems security. These documents will build on ANSI/ISA-99.00.01, Security for Industrial Automation and Control Systems: Concepts, Terminology and Models. That standard was followed by ANSI/ISA-99.02.01, Security for Industrial Automation and Control Systems: Establishing an Industrial Automation and Control Systems Security Program.
In support of the roadmap, ISA99 has established three new working groups on cyber security with other key ISA standards committees. These include joint working groups with ISA100 on wireless automation, ISA67 on the special requirements of nuclear plants, and ISA84 on functional safety.
THE ISA99-84 JOINT WORKING GROUP’S INITIAL WORK HAS FOCUSED ON:
· Developing a security assurance level methodology for cyber security, similar to that of the current safety integrity levels (SIL) defined in ISA84
· Defining and developing processes for identifying intentional and systematic threats that can expose process hazards
ANOTHER ROADMAP
The ISA99 work has also been recognized within the Framework and Roadmap for Smart Grid Interoperability Standards released by the U.S. National Institute of Standards and Technology (NIST) in September 2009. NIST’s intent is to identify existing and draft standards vital to the success of the highly publicized Smart Grid program. All ISA99 published and draft documents are being made readily available for access by U.S. state utility commissions, the Federal Energy Regulatory Commission, and the National Association of Regulatory Utility Commissioners, who will be reviewing the content of all identified standards for regulatory purposes.
VOCABULARIO
· Bombing: bombardeo
· Industrial automation: automatización industrial
· manufacturing and processing: fabricación y procesamiento
· Security for Industrial Automation and Control Systems: Seguridad para la Automatización Industrial y de Sistemas de Control
· Security Technologies for Manufacturing and Control Systems: Tecnologías para la Seguridad de los Sistemas de Fabricación y Control
· Critical Infrastructures: infraestructuras críticas.
· Methodologies to identify and mitigate risk: metodologías para identificar y mitigar los riesgos
· Challenges: desafíos
· Methodology for cyber security: metodología para la seguridad cibernética
· Draft: proyecto
No hay comentarios:
Publicar un comentario