IEC 62443

IEC 62443 — Industrial Communication Networks: Network and System Security

StandardInternational

IEC 62443 is the global standard series for securing Industrial Automation and Control Systems (IACS). Part 3-3 defines system security requirements organized around 7 Foundational Requirements, each assessed across 4 Security Levels. The standard addresses the complete lifecycle of industrial cybersecurity, from risk assessment through zones and conduits to ongoing monitoring.

Also explore

GDPR DORA NIS2 SOC 2 HIPAA PCI DSS ISO 27001 CMMC NERC CIP MITRE ATT&CK ICS CISA CPGs Saudi OTCC NIST CSF 2.0 NIST 800-53 NIST 800-171 CIS Controls CSA CCM CSA CAIQ

Foundational Requirements

Security Levels

Standard Parts

Global

Adoption

Who Needs to Comply

Asset Owners

Manufacturing plants, utilities, and process industries operating IACS
Organizations with networked PLCs, SCADA, DCS, or HMI systems
Critical infrastructure operators subject to OT security requirements
Companies pursuing ISASecure certification

System Integrators & Product Suppliers

OT vendors and control system manufacturers
SCADA integrators and automation engineers
Product developers seeking ISASecure EDSA or SSA certification
Managed security service providers for industrial environments

Key Compliance Areas

FR 1

Identification & Authentication Control

User, device, and software identity verification with multi-factor support at higher security levels. Applies to all IACS components.

FR 2

Use Control

Role-based access control and least privilege enforcement for OT operators, maintenance personnel, and automated processes.

FR 3-4

System Integrity & Data Confidentiality

Communication integrity verification, malicious code protection, data-at-rest and in-transit encryption for control system data.

FR 5

Restricted Data Flow

Network segmentation via zones and conduits, application partitioning, and boundary protection between security zones.

FR 6-7

Timely Response & Resource Availability

Audit logging, incident response, denial of service protection, backup and recovery for operational continuity.

How Orizon Helps

Asset Inventory & Zone Mapping

Identify all IACS assets and define security zones and conduits based on operational requirements and risk.

Target Security Level Assessment

Determine the required Security Level Target (SL-T) for each zone based on threat analysis and risk tolerance.

Gap Analysis

Compare current Security Level Capability (SL-C) against the target SL-T to identify control gaps.

Control Implementation

Apply System Requirements (SRs) and Requirement Enhancements (REs) to close gaps per each Foundational Requirement.

Verification & Validation

Test control effectiveness through penetration testing of zone boundaries and security level verification.

Continuous Monitoring

Ongoing surveillance, periodic reassessment, and change management to maintain achieved security levels.

Official Sources

Assess Your Compliance

Expert guidance for your IEC 62443 compliance journey.

Get Started