According to the ISA/IEC 62443-3-2 standard, a security zone is a grouping of systems and components based on their functional, logical, and physical relationship that share common security requirements. The primary objective of defining a security zone is to apply a consistent level of protection to the assets within the zone, based on their criticality and risk assessment. A security zone may contain assets from different vendors, different levels in the Purdue model, or different physical locations, as long as they have the same security requirements. A security zone may also be subdivided into subzones, if there are different security requirements within the zone. A conduit is a logical or physical grouping of communication channels connecting two or more zones that share common security requirements.
[References:, ISA/IEC 62443-3-2:2020, Security for industrial automation and control systems - Part 3-2: Security risk assessment for system design, Clause 4.3.21, ISA/IEC 62443-1-1:2009, Security for industrial automation and control systems - Part 1-1: Terminology, concepts and models, Clause 3.2.42, ]
Submit