- 期刊
- OpenAccess
從IEC 62443看儀器應具備的資訊安全功能
The Cybersecurity Functions that an Instrument Should Possess from the Perspective of IEC 62443
摘要
製造業目前已是受到最多資安攻擊的產業的首位,在製造業中,各式的儀器、不同的老舊通訊協定及欠缺的資安人才導致許多資安漏洞的生成,如何客觀地評估儀器應該具有的資訊安全特性成為一重要議題。本論文目的即為使用國際認可並適用於工控環境中的資安標準IEC 62443-4-2來探討儀器應具有的資訊安全特性,論文中我們將IEC 62443-4-2的7項基本要求應用在儀器上以分別來探討在這7項基本要求下的細部規範。
關鍵字
無資料並列摘要
Manufacturing is currently the most attacked industry. In the manufacturing industry, various instruments, different legacy communication protocols, and a lack of OT cybersecurity expert have generated many vulnerabilities. How to objectively assess the cybersecurity attributes that instruments should have became an essential issue. This paper aims to use the internationally recognized OT cybersecurity standard IEC 62443-4-2 to discuss the cybersecurity attributes that instruments should have. Requirements are applied to instruments to discuss the detailed specifications under these seven fundamental requirements in IEC 62443-4-2.