IEC 62443-4-1:2018 sECURITY FOR INDUSTRIAL AUTOMATION AND CONTROL svSTEMS -Part 4-1: Secure product development lifecycle requirements
IEC 62443-4-1:2018 sECURITY FOR INDUSTRIAL AUTOMATION AND CONTROL svSTEMS -Part 4-1: Secure product development lifecycle requirements
1 Scope
This part of IEC 62443 specifies process requirements for the secure development ofproducts used in industrial automation and control systems. It defines a secure developmentlife-cycle (SDL) for the purpose of developing and maintaining secure products. This life-cycleincludes security requirements definition,secure design,secure implementation (includingcoding guidelines),verification and validation,defect management,patch management andproduct end-of-life. These requirements can be applied to new or existing processes fordeveloping,maintaining and retiring hardware,software or firmware for new or existingproducts.These requirements apply to the developer and maintainer of the product, but not tothe integrator or user of the product.A summary list of the requirements in this document canbe found in Annex B.
2Normative references
The following documents are referred to in the text in such a way that some or all of theircontent constitutes requirements of this document. For dated references,only the editioncited applies.For undated references, the latest edition of the referenced document (includingany amendments) applies.
IEC 62443-2-4:2015,Security for industrial automation and control systems - Part 2-4:Security program requirements for lAcs service providers
IEC 62443-2-4:2015iAMD1:2017
3Terms, definitions,abbreviated terms, acronyms and conventions
3.1 Terms and definitions
点此免费下载