Abstract
New generation Industrial Automation and Control Systems (IACS) are providing advanced connectivity features, enabling new automation applications, services and business models in the Industrial Internet of Things (IIoT) era. Nevertheless, due to the extended attack surface and increasing number of cyber-attacks against industrial equipment, security concerns arise. Hence, these systems should provide enough protection and resiliency against cyber-attacks throughout their entire lifespan, which, in the case of industrial systems, may last several decades. A sound and complete management of security issues and software updates is fundamental to achieve such goal, since leading-edge security countermeasures implemented in the development phase may eventually become out-of-date. In this article, a review of the IEC 62443 industrial security standard concerning the security maintenance of IIoT systems and components is given, along with guidelines for the implementation of such processes. As concluded, the security issues and software updates management shall jointly be addressed by the asset owner, service providers and product suppliers. These security processes should also be compatible with the safety procedures established by safety standards.
Highlights
The Industrial Internet of Things (IIoT), an industrial subset of the Internet of Things (IoT)model, are enabling new industrial control and automation applications, services and business models
During the system and components maintenance stage, the asset owner, service providers and product suppliers might receive any kind of notifications about security-related events affecting and/or compromising the operated IIoT systems and components
Specifies the requirements for the integration and maintenance activities for service providers. They shall ensure that all personnel and activities associated and involved in the system maintenance processes comply with the security policies, procedures and responsibilities established by the organisation
Summary
The Industrial Internet of Things (IIoT), an industrial subset of the Internet of Things (IoT). The need of human intervention for process diagnostics, analysis and decision-making is reduced In this context, security emerges as an essential requirement to protect this working environment, in which according to Kaspersky [1], more than 150 industrial control systems-related vulnerabilities are discovered every year. In contrast to the security domain, which may require performing updates periodically in order to maintain the security level, the trust level on traditional technologies involved in industrial control systems increases with the passage of time, especially in safety-related systems. An analysis of the industrial security IEC 62433 standard [16] for the security issues and software updates management on IIoT systems and components is provided. Procedures and guidelines for the security issues and software update management, based on the requirements of the IEC 62443 standard [16], are provided. Conclusions are presented and future lines and open issues discussed
Sign-in/Register to view highlights & summary Sign-in/Register to access full text options 
Free) 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a call
