The idea in a nutshell
IEC 62443 is the industrial equivalent of ISO 27001: it follows the same logic of risk management and controls, but with additional constraints related to production (availability, personal safety, long equipment life, limited maintenance windows, maintenance providers, etc.).
What is the purpose of IEC 62443?
It provides a specific framework for industrial systems (OT/ICS/SCADA) to reduce unplanned downtime, prevent safety/security incidents, and demonstrate to your clients that the plant is under control. It applies to the three roles in the lifecycle: suppliers/manufacturers, integrators, and operators.
ISO 27001 structures overall governance (ISMS).
IEC 62443 translates this intention to the production line level: architecture, workstations, networks, field procedures.
The 5 concepts that make the difference
1) Zones & Conduits
The workshop is divided into zones (robot cell, supervision, DMZ, OT server room, etc.) and the conduits (flows) between them are controlled. Objective: limit propagation and make visible the crossing points that must be filtered.
2) Security Levels (SL)
We set target SLs based on usage and risk (e.g., SL2 for supervision, SL3 for machine safety). This guides hardening without over-specifying.
3) “Field-compatible” hardening
Shared HMI stations, maintenance accounts, an obsolete OS imposed by a PLC, equipment that cannot be patched, and so on: these field realities call for compensatory measures such as machine isolation, virtual patching at the gateway, network hardening by allow-list, and one-way flows (data diodes) where necessary.
4) Admin paths and maintenance access
We separate administration paths from the rest, require named accounts, temporary elevations (badges, short sessions), log service provider interventions, and keep proof.
5) Complete life cycle
Design → integration → operation/maintenance. Requirements do not end with the project: they cover updates, backups/restores of automated recipes, change management, and end of life.
Examples of “ISO into workshop” adaptations
Regular updates ⟶ when updates are impossible: strict isolation, monitoring, integrity checks.
Securing workstations ⟶ shared HMIs: named accounts, time-limited sessions, automatic locking.
Network segmentation ⟶ interconnected lines: OT DMZ, filtered gateways, allow-listed traffic, central logging.
How to get started without disrupting production
- Simple mapping: cells, PLCs, HMIs, servers, gateways, IT–OT links.
- Divide into zones and draw existing conduits; mark unfiltered “bridges.”
- Set realistic SLs per zone (based on risk and production constraints).
- Address the 10% that accounts for 80% of the risk: isolate what cannot be patched, close unnecessary flows, secure maintenance access.
- Prove it: tested backups, intervention logs, up-to-date list of authorized flows.
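The zones-and-conduits model and the steps above (map assets to zones, draw conduits, mark unfiltered bridges, set SLs, keep an up-to-date list of authorized flows) can be kept as data and checked mechanically. The script below is an added example, not part of the original article; the plant, zone names, SL targets and flows are constructed for illustration.

```python
from collections import namedtuple

Flow = namedtuple("Flow", "src dst proto port")
# Constructed sample plant (not a real site). Target SL per zone, as set in
# the "realistic SLs per zone" step; asset -> zone from the mapping step.
ZONE_SL = {"robot_cell": 3, "supervision": 2, "ot_dmz": 2, "it": 1}
ASSET_ZONE = {
    "plc-01": "robot_cell", "scada-srv": "supervision", "hmi-01": "supervision",
    "historian": "ot_dmz", "erp": "it", "laptop-vendor": "it",
}
# Authorized conduits: (src_zone, dst_zone) -> allowed (proto, port) pairs,
# each meant to be enforced by a filtering gateway between the zones.
CONDUITS = {
    ("supervision", "robot_cell"): {("tcp", 502)},  # Modbus/TCP to the PLC
    ("supervision", "ot_dmz"): {("tcp", 5432)},     # historian replication
    ("it", "ot_dmz"): {("tcp", 443)},               # reporting pulls via DMZ
}

def audit(flows, zone_sl=ZONE_SL, asset_zone=ASSET_ZONE, conduits=CONDUITS):
    """Return (flow, src_zone, dst_zone, reason) for each inter-zone flow that
    is an unfiltered bridge (no conduit between the zones) or falls outside
    an existing conduit's allow-list; flows climbing into a higher-SL zone
    carry both SLs in the reason so they can be prioritised."""
    findings = []
    for f in flows:
        src_zone, dst_zone = asset_zone[f.src], asset_zone[f.dst]
        if src_zone == dst_zone:
            continue  # intra-zone traffic is not a conduit question
        allowed = conduits.get((src_zone, dst_zone))
        if allowed is not None and (f.proto, f.port) in allowed:
            continue
        reason = "unfiltered bridge" if allowed is None else "outside conduit allow-list"
        if zone_sl[src_zone] < zone_sl[dst_zone]:
            reason += f", SL{zone_sl[src_zone]} -> SL{zone_sl[dst_zone]}"
        findings.append((f, src_zone, dst_zone, reason))
    return findings

# Constructed flows, as a gateway log or span-port capture might summarise them.
SAMPLE_FLOWS = [
    Flow("scada-srv", "plc-01", "tcp", 502),      # authorised Modbus
    Flow("hmi-01", "scada-srv", "tcp", 3389),     # intra-zone, ignored
    Flow("erp", "historian", "tcp", 443),         # authorised via the DMZ
    Flow("laptop-vendor", "plc-01", "tcp", 502),  # vendor laptop straight to the PLC
    Flow("scada-srv", "plc-01", "tcp", 44818),    # EtherNet/IP, not in the allow-list
]

if __name__ == "__main__":
    for flow, src, dst, reason in audit(SAMPLE_FLOWS):
        print(f"{flow.src} -> {flow.dst} {flow.proto}/{flow.port} [{src} -> {dst}]: {reason}")
```

Re-running the audit after every change to the allow-list or the zone map is one cheap way to keep the "up-to-date list of authorized flows" honest.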
Conclusion
IEC 62443 brings ISO 27001 to the machine level. It respects production constraints while imposing discipline in terms of architecture, access, and evidence. By first addressing isolation, flows, and maintenance access, you significantly reduce risk without shutting down the factory—and you speak the same language as your industrial partners.
A first concrete step toward IEC 62443?