IEC 62443 FR - Use Control (UC)
ID | Title | Verdict |
---|---|---|
CR 2.1 | Authorization enforcement | Component |
CR 2.1 RE1 | Authorization enforcement for all users | Component |
CR 2.1 RE2 | Permission mapping to roles | Component |
CR 2.1 RE3 | Supervisor override | Fail |
CR 2.1 RE4 | Dual approval | Fail |
CR 2.2 | Wireless use control | Not Applicable |
CR 2.3 | Use control for portable and mobile devices | Not Applicable |
SAR 2.4 | Mobile code | Component |
SAR 2.4 RE1 | Mobile code authenticity check | System
Important: Implementing the SAR 2.4 RE (1) requirement is
possible on a system level but not by the WinCC OA component itself. Please read the Security Guideline for further
details.
|
EDR 2.4 | Mobile code | Not Applicable |
EDR 2.4 RE1 | Mobile code authenticity check | Not Applicable |
HDR 2.4 | Mobile code | Not Applicable |
HDR 2.4 RE1 | Mobile code authenticity check | Not Applicable |
NDR 2.4 | Mobile code | Not Applicable |
NDR 2.4 RE1 | Mobile code authenticity check | Not Applicable |
CR 2.5 | Session lock | Component |
CR 2.6 | Remote session termination | Component |
CR 2.7 | Concurrent session control | Fail |
CR 2.8 | Auditable events | Component |
CR 2.9 | Audit storage capacity | Component |
CR 2.9 RE1 | Warn when audit record storage capacity threshold reached | Component |
CR 2.10 | Response to audit processing failures | Component |
CR 2.11 | Timestamps | Component |
CR 2.11 RE1 | Time synchronization | Component |
CR 2.11 RE2 | Protection of time source integrity | Component |
CR 2.12 | Non-repudiation | Component |
CR 2.12 RE1 | Non-repudiation for all users | Component |
EDR 2.13 | Use of physical diagnostic and test interfaces | Not Applicable |
EDR 2.13 RE1 | Active monitoring | Not Applicable |
HDR 2.13 | Use of physical diagnostic and test interfaces | Not Applicable |
HDR 2.13 RE1 | Active monitoring | Not Applicable |
NDR 2.13 | Use of physical diagnostic and test interfaces | Not Applicable |
NDR 2.13 RE1 | Active monitoring | Not Applicable |