State of the Art Approach on ICS Components Security Compliance Under the Umbrella of Upcoming Harmonized Certification (B13a)
One of the main challenges within industrial cybersecurity is the current lack of mandatory regulation, which leaves the responsibility for secure components largely with the manufacturers. At the same time, the prospect of upcoming harmonized certification under the EU Cybersecurity Act asks manufacturers to take a proactive approach. Currently there are multiple best practice documents and standards on this topic, including IEC 62443, UL 2900, ENISA/NIST recommendations, and more. However, choosing a silver-bullet compliance solution is a difficult task that could have a massive impact on budget and timelines. This talk will describe the state-of-the-art security standards for ICS components, zooming in on their applicability, real-life examples, and the practical limitations that can be expected. Finally, a view will be given on how existing standards will fit into the upcoming EU ICS Components Certification Scheme (ICCS), giving the industry a clear view of where to focus its efforts.