According to the ISA/IEC 62443-3-2 standard, a security zone is a grouping of systems and components based on their functional, logical, and physical relationship that share common security requirements. The primary objective of defining a security zone is to apply a consistent level of protection to the assets within the zone, based on their criticality and risk assessment. A security zone may contain assets from different vendors, different levels in the Purdue model, or different physical locations, as long as they have the same security requirements. A security zone may also be subdivided into subzones, if there are different security requirements within the zone. A conduit is a logical or physical grouping of communication channels connecting two or more zones that share common security requirements.
References:
ISA/IEC 62443-3-2:2020, Security for industrial automation and control systems - Part 3-2: Security risk assessment for system design, Clause 4.3.21
ISA/IEC 62443-1-1:2009, Security for industrial automation and control systems - Part 1-1: Terminology, concepts and models, Clause 3.2.42
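The zone, subzone and conduit definitions above can be checked against an asset inventory. The following is an added example, not part of the original page or of the standard: the asset names, zone names, requirement labels and flows are constructed, and treating every cross-zone flow as needing a conduit is an assumption of this example.

```python
from collections import defaultdict

# Constructed inventory: asset -> (zone, Purdue level, security requirement label)
ASSETS = {
    "plc-1":     ("control", 1, "REQ-HIGH"),
    "hmi-1":     ("control", 2, "REQ-HIGH"),
    "historian": ("control", 3, "REQ-MED"),   # differs from the rest of its zone
    "erp-gw":    ("enterprise", 4, "REQ-LOW"),
    "sis-1":     ("safety", 1, "REQ-HIGH"),
}
# Constructed conduits: name -> zones connected (a conduit joins two or more zones)
CONDUITS = {"c-ctl-ent": {"control", "enterprise"}}
# Constructed observed flows: (source asset, destination asset)
FLOWS = [("hmi-1", "plc-1"), ("historian", "erp-gw"), ("hmi-1", "sis-1")]


def subzone_candidates(assets):
    """Return zones whose assets do not share one requirement, split by requirement.

    Mixed Purdue levels are allowed in a zone; only differing requirements are
    reported, since those are what call for subzones.
    """
    by_zone = defaultdict(lambda: defaultdict(list))
    for name, (zone, _level, req) in assets.items():
        by_zone[zone][req].append(name)
    return {zone: {req: sorted(names) for req, names in reqs.items()}
            for zone, reqs in by_zone.items() if len(reqs) > 1}


def uncovered_flows(assets, conduits, flows):
    """Return cross-zone flows for which no conduit connects both zones."""
    missing = []
    for src, dst in flows:
        src_zone, dst_zone = assets[src][0], assets[dst][0]
        if src_zone == dst_zone:
            continue  # traffic inside one zone does not cross a zone boundary
        if not any({src_zone, dst_zone} <= zones for zones in conduits.values()):
            missing.append((src, dst, src_zone, dst_zone))
    return missing


if __name__ == "__main__":
    print("Zones needing subzones:", subzone_candidates(ASSETS))
    print("Flows without a conduit:", uncovered_flows(ASSETS, CONDUITS, FLOWS))
```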