civilinfrastructureplatform:cip-iec-62443-4-x
Differences
This shows you the differences between two versions of the page.
| Both sides previous revision Previous revision Next revision | Previous revision | ||
|
civilinfrastructureplatform:cip-iec-62443-4-x [2020/06/08 13:27] SZLin |
civilinfrastructureplatform:cip-iec-62443-4-x [2020/06/08 13:29] (current) SZLin |
||
|---|---|---|---|
| Line 35: | Line 35: | ||
| CIP already promises super long term support (SLTS) for both CIP Kernel as well as CIP Core, which is beyond usual upstream long term support. In order to further reduce certification costs for CIP based products, CIP member companies strive to get IEC-62443-4-x certification for the CIP platform. Since CIP is not an end product, full certification to CIP cannot be granted, instead, CIP would be eligible for IEC-62443-4-X assessment. | CIP already promises super long term support (SLTS) for both CIP Kernel as well as CIP Core, which is beyond usual upstream long term support. In order to further reduce certification costs for CIP based products, CIP member companies strive to get IEC-62443-4-x certification for the CIP platform. Since CIP is not an end product, full certification to CIP cannot be granted, instead, CIP would be eligible for IEC-62443-4-X assessment. | ||
| - | **Key goals of CIP certification are as follows** | + | ===== Key goals of CIP certification are as follows ===== |
| 1. Leverage the experience and expertise of CIP member companies to certify CIP and pass the benefits of certified CIP platform to suppliers | 1. Leverage the experience and expertise of CIP member companies to certify CIP and pass the benefits of certified CIP platform to suppliers | ||
| Line 45: | Line 45: | ||
| 4. Many CIP member companies are also hardware manufacturer or supplier of reference boards which can also be used to validate IEC-62443-4-x security requirements | 4. Many CIP member companies are also hardware manufacturer or supplier of reference boards which can also be used to validate IEC-62443-4-x security requirements | ||
| - | **Documents required for IEC-62443-4-x certification** | + | ===== Documents required for IEC-62443-4-x certification ===== |
| CIP members are working with the certification body to know exactly what all documents are usually required for certification. However, there are many possible scenarios when required documents may vary e.g. targeted device category (There are four device categories defined in IEC-62443-4-2). As of now CIP members decided to apply for Networking and Embedded categories for certification and the expected security level is three (SL-3). However, exact details will be known once the gap assessment is completed by the Certification Body. | CIP members are working with the certification body to know exactly what all documents are usually required for certification. However, there are many possible scenarios when required documents may vary e.g. targeted device category (There are four device categories defined in IEC-62443-4-2). As of now CIP members decided to apply for Networking and Embedded categories for certification and the expected security level is three (SL-3). However, exact details will be known once the gap assessment is completed by the Certification Body. | ||
| Line 64: | Line 64: | ||
| After gap analysis, the Certification Body will point out additional documents required for actual certification as well as missing information in existing documents | After gap analysis, the Certification Body will point out additional documents required for actual certification as well as missing information in existing documents | ||
| - | **How suppliers can leverage certified CIP** | + | ===== How suppliers can leverage certified CIP ===== |
| The CIP project is hosted under the Linux Foundation. At the time of writing this document, there are eight CIP member companies who strongly support CIP development activities in all possible manners. All CIP member companies have direct access to CIP project resources such as CIP Kernel, CIP Core as well as documents and sample applications developed for IEC-62443-4-x certification. | The CIP project is hosted under the Linux Foundation. At the time of writing this document, there are eight CIP member companies who strongly support CIP development activities in all possible manners. All CIP member companies have direct access to CIP project resources such as CIP Kernel, CIP Core as well as documents and sample applications developed for IEC-62443-4-x certification. | ||
| Line 72: | Line 72: | ||
| ]] | ]] | ||
| - | **Roadmap of CIP IEC-62443 certification** | + | ===== Roadmap of CIP IEC-62443 certification ===== |
| **TBD:** We are working to update this section soon. | **TBD:** We are working to update this section soon. | ||
| - | **Frequently Asked Questions(FAQs)** | + | ===== Frequently Asked Questions(FAQs) ===== |
| - | //(Please note that following section has been written based on the discussion with a specific Certification Body, so it is quite likely that there might be some differences in policies or few things with respect to other Certification Body)*// | + | //(Please note that the following section has been written based on the discussion with a specific Certification Body, so it is quite likely that there might be some differences in policies or few things with respect to other Certification Body)*// |
| **What would be the security level as defined in IEC-62443-4-2 which can be achieved by CIP assessment/certification?** | **What would be the security level as defined in IEC-62443-4-2 which can be achieved by CIP assessment/certification?** | ||
civilinfrastructureplatform/cip-iec-62443-4-x.1591622878.txt.gz ยท Last modified: 2020/06/08 13:27 by SZLin
Page Tools
Except where otherwise noted, content on this wiki is licensed under the following license: CC Attribution-Noncommercial-Share Alike 4.0 International
