IEC 62443-4-2 Foundational Requirements
The following tables are an excerpt from the WinCC OA Security Guideline and give a general overview of the IEC 62443-2 certification of WinCC OA. Further details, including which security settings must be configured in a project, can be found in the WinCC OA Security Guideline itself.
Important: The WinCC OA Security Guideline contains additional mapping information on how the requirements of the IEC 62443-4-2 standard correspond to features or recommended configuration steps in WinCC OA. This information can be found in chapter 8 of the WinCC OA Security Guideline.
IEC 62443 FR - Identification and Authentication Control (IAC)
ID | Title | Verdict
---|---|---
CR 1.1 | Human user identification and authentication | Component |
CR 1.1 RE1 | Unique identification and authentication | Component |
CR 1.1 RE2 | Multi-factor authentication for all interfaces | System |
CR 1.2 | Software process and device identification and authentication | Component |
CR 1.2 RE1 | Unique identification and authentication | Component |
CR 1.3 | Account management | Component |
CR 1.4 | Identifier management | Component |
CR 1.5 | Authenticator management | Component |
CR 1.5 RE1 | Hardware security for authenticators | System |
NDR 1.6 | Wireless access management | Not Applicable |
NDR 1.6 RE1 | Unique identification and authentication | Not Applicable |
CR 1.7 | Strength of password-based authentication | Component |
CR 1.7 RE1 | Password generation and lifetime restrictions for human users | System |
CR 1.7 RE2 | Password lifetime restrictions for all users (human, software process, or device) | System |
CR 1.8 | Public key infrastructure certificates | Component |
CR 1.9 | Strength of public key-based authentication | Component |
CR 1.9 RE1 | Hardware security for public key-based authentication | Not Applicable |
CR 1.10 | Authenticator feedback | Component |
CR 1.11 | Unsuccessful login attempts | System |
CR 1.12 | System use notification | Component |
NDR 1.13 | Access via untrusted networks | Not Applicable |
NDR 1.13 RE1 | Explicit access request approval | Not Applicable |
CR 1.14 | Strength of symmetric key-based authentication | Not Applicable |
CR 1.14 RE1 | Hardware security for symmetric key-based authentication | Not Applicable |
IEC 62443 FR - Use Control (UC)
ID | Title | Verdict
---|---|---
CR 2.1 | Authorization enforcement | Component |
CR 2.1 RE1 | Authorization enforcement for all users | Component |
CR 2.1 RE2 | Permission mapping to roles | Component |
CR 2.1 RE3 | Supervisor override | Fail |
CR 2.1 RE4 | Dual approval | Fail |
CR 2.2 | Wireless use control | Not Applicable |
CR 2.3 | Use control for portable and mobile devices | Not Applicable |
SAR 2.4 | Mobile code | Component |
SAR 2.4 RE1 | Mobile code authenticity check | Fail |
EDR 2.4 | Mobile code | Not Applicable |
EDR 2.4 RE1 | Mobile code authenticity check | Not Applicable |
HDR 2.4 | Mobile code | Not Applicable |
HDR 2.4 RE1 | Mobile code authenticity check | Not Applicable |
NDR 2.4 | Mobile code | Not Applicable |
NDR 2.4 RE1 | Mobile code authenticity check | Not Applicable |
CR 2.5 | Session lock | Component |
CR 2.6 | Remote session termination | Component |
CR 2.7 | Concurrent session control | Fail |
CR 2.8 | Auditable events | Component |
CR 2.9 | Audit storage capacity | Component |
CR 2.9 RE1 | Warn when audit record storage capacity threshold reached | Component |
CR 2.10 | Response to audit processing failures | Component |
CR 2.11 | Timestamps | Component |
CR 2.11 RE1 | Time synchronization | Component |
CR 2.11 RE2 | Protection of time source integrity | Component |
CR 2.12 | Non-repudiation | Component |
CR 2.12 RE1 | Non-repudiation for all users | Component |
EDR 2.13 | Use of physical diagnostic and test interfaces | Not Applicable |
EDR 2.13 RE1 | Active monitoring | Not Applicable |
HDR 2.13 | Use of physical diagnostic and test interfaces | Not Applicable |
HDR 2.13 RE1 | Active monitoring | Not Applicable |
NDR 2.13 | Use of physical diagnostic and test interfaces | Not Applicable |
NDR 2.13 RE1 | Active monitoring | Not Applicable |
IEC 62443 FR - System Integrity (SI)
ID | Title | Verdict
---|---|---
CR 3.1 | Communication integrity | Component |
CR 3.1 RE1 | Communication authentication | Component |
SAR 3.2 | Protection from malicious code | System |
EDR 3.2 | Protection from malicious code | Not Applicable |
HDR 3.2 | Protection from malicious code | Not Applicable |
HDR 3.2 RE1 | Report version of code protection | Not Applicable |
NDR 3.2 | Protection from malicious code | Not Applicable |
CR 3.3 | Security functionality verification | Component |
CR 3.3 RE1 | Security functionality verification during normal operation | Fail |
CR 3.4 | Software and information integrity | Component |
CR 3.4 RE1 | Authenticity of software and information | Component |
CR 3.4 RE2 | Automated notification of integrity violations | System |
CR 3.5 | Input validation | Component |
CR 3.6 | Deterministic output | Component |
CR 3.7 | Error handling | Component |
CR 3.8 | Session integrity | Component |
CR 3.9 | Protection of audit information | System |
CR 3.9 RE1 | Audit records on write-once media | Not Applicable |
EDR 3.10 | Support for updates | Not Applicable |
EDR 3.10 RE1 | Update authenticity and integrity | Not Applicable |
HDR 3.10 | Support for updates | Not Applicable |
HDR 3.10 RE1 | Update authenticity and integrity | Not Applicable |
NDR 3.10 | Support for updates | Not Applicable |
NDR 3.10 RE1 | Update authenticity and integrity | Not Applicable |
EDR 3.11 | Physical tamper resistance and detection | Not Applicable |
EDR 3.11 RE1 | Notification of a tampering attempt | Not Applicable |
HDR 3.11 | Physical tamper resistance and detection | Not Applicable |
HDR 3.11 RE1 | Notification of a tampering attempt | Not Applicable |
NDR 3.11 | Physical tamper resistance and detection | Not Applicable |
NDR 3.11 RE1 | Notification of a tampering attempt | Not Applicable |
EDR 3.12 | Provisioning product supplier roots of trust | Not Applicable |
HDR 3.12 | Provisioning product supplier roots of trust | Not Applicable |
NDR 3.12 | Provisioning product supplier roots of trust | Not Applicable |
EDR 3.13 | Provisioning asset owner roots of trust | Not Applicable |
HDR 3.13 | Provisioning asset owner roots of trust | Not Applicable |
NDR 3.13 | Provisioning asset owner roots of trust | Not Applicable |
EDR 3.14 | Integrity of the boot process | Not Applicable |
EDR 3.14 RE1 | Authenticity of the boot process | Not Applicable |
HDR 3.14 | Integrity of the boot process | Not Applicable |
HDR 3.14 RE1 | Authenticity of the boot process | Not Applicable |
NDR 3.14 | Integrity of the boot process | Not Applicable |
NDR 3.14 RE1 | Authenticity of the boot process | Not Applicable |
IEC 62443 FR - Data Confidentiality (DC)
ID | Title | Verdict
---|---|---
CR 4.1 | Information confidentiality | Component |
CR 4.2 | Information persistence | Component |
CR 4.2 RE1 | Erase of shared memory resources | Component |
CR 4.2 RE2 | Erase verification | Component |
CR 4.3 | Use of cryptography | Component |
IEC 62443 FR - Restricted Data Flow (RDF)
ID | Title | Verdict
---|---|---
CR 5.1 | Network segmentation | Component |
NDR 5.2 | Zone boundary protection | Not Applicable |
NDR 5.2 RE1 | Deny all, permit by exception | Not Applicable |
NDR 5.2 RE2 | Island mode | Not Applicable |
NDR 5.2 RE3 | Fail close | Not Applicable |
NDR 5.3 | General-purpose person-to-person communication restrictions | Not Applicable |
IEC 62443 FR - Timely Response to Events (TRE)
ID | Title | Verdict
---|---|---
CR 6.1 | Audit log accessibility | Component |
CR 6.1 RE1 | Programmatic access to audit logs | Component |
CR 6.2 | Continuous monitoring | Fail |
IEC 62443 FR - Resource Availability (RA)
ID | Title | Verdict
---|---|---
CR 7.1 | Denial of service protection | Component |
CR 7.1 RE1 | Manage communication load from component | Component |
CR 7.2 | Resource management | Component |
CR 7.3 | Control system backup | Component |
CR 7.3 RE1 | Backup integrity verification | Component |
CR 7.4 | Control system recovery and reconstitution | Component |
CR 7.6 | Network and security configuration settings | Component |
CR 7.6 RE1 | Machine-readable reporting of current security settings | Component
CR 7.7 | Least functionality | Component |
CR 7.8 | Control system component inventory | Component |