Skip to content
CSA Store
  • CSA Group
  • CSA OnDemand™
  • CSA Communities
  • Contact Us
  • Catalogue
    • Browse By Subject Area

      • Electrical
      • Fuels & Transportation
      • Petroleum & Natural Gas
      • Environment & Natural Resources
      • Construction & Infrastructure
      • Mechanical & Industrial Equipment
      • Nuclear
      • Health Care and Well-being
      • Worker & Public Safety
      • Management Systems
    • Browse By Publisher

      • ASME
      • ASTM
      • CSA Group
      • ESA
      • IEC
      • ISO
      • NRC
      • ORNAC
      • TSSA
    • ICS Catalogue

      • Browse by International Classification of Standards (ICS Codes)
  • Subscription
    • Browse By Subject Area

      • Electrical
      • Fuels & Transportation
      • Petroleum & Natural Gas
      • Environment & Natural Resources
      • Construction & Infrastructure
      • Mechanical & Industrial Equipment
      • Nuclear
      • Health Care and Well-being
      • Worker & Public Safety
      • Management Systems
    • CSA Subscriptions

      • Overview
      • Collections
    • ICS Catalogue

      • Browse by International Classification of Standards (ICS Codes)
  • Services
Cart Icon0
×
Login / Register
English / CAD

Language

en

fr

Currency

CAD

USD

  • CSA Group
  • CSA OnDemand™
  • CSA Communities
  • Contact Us
Wishlist

Catalogue

  • Browse By Subject Area

    • Electrical
    • Fuels & Transportation
    • Petroleum & Natural Gas
    • Environment & Natural Resources
    • Construction & Infrastructure
    • Mechanical & Industrial Equipment
    • Nuclear
    • Health Care and Well-being
    • Worker & Public Safety
    • Management Systems
  • Browse By Publisher

    • ASME
    • ASTM
    • CSA Group
    • ESA
    • IEC
    • ISO
    • NRC
    • ORNAC
    • TSSA
  • ICS Catalogue

    • Browse by International Classification of Standards (ICS Codes)

Subscription

  • Browse By Subject Area

    • Electrical
    • Fuels & Transportation
    • Petroleum & Natural Gas
    • Environment & Natural Resources
    • Construction & Infrastructure
    • Mechanical & Industrial Equipment
    • Nuclear
    • Health Care and Well-being
    • Worker & Public Safety
    • Management Systems
  • CSA Subscriptions

    • Overview
    • Collections
  • ICS Catalogue

    • Browse by International Classification of Standards (ICS Codes)

Services

Menu toggle Icon
Login / Register
English / CAD

Language

en

fr

Currency

CAD

USD

Wishlist Cart (
)

Search Section

    • Home
    • ICS
    • Manufacturing Engineering
    • Industrial Automation Systems
    • Industrial Process Measurement And Control
    • CAN/CSA-IEC/TR 62443-2-3:17

    Codes & Standards - Purchase

    CAN/CSA-IEC/TR 62443-2-3:17

    Security for industrial automation and control systems — Part 2-3: Patch management in the IACS environment (Adopted IEC technical report 62443-2-3:2015, first edition, 2015-06)
    SKU: 2425934 Published by CSA Group Publication Year 2017 74 pages

    Product Details

    • Preface/Scope
    This is the first edition of CAN/CSA-IEC/TR 62443-2-3, Security for industrial automation and control systems — Part 2-3: Patch management in the IACS environment, which is an adoption without modification of the identically titled IEC (International Electrotechnical Commission) Technical Report 62443-2-3 (first edition, 2015-06). At the time of publication, IEC TR 62443-2-3:2015 is available from IEC in English only. CSA Group will publish the French version when it becomes available from IEC. 

    The IEC Technical Report is one in a series of Standards developed by IEC/TC 65 on industrial automation networking security that are being adopted by CSA Group. The IEC Technical Report addresses the patch management aspects of cyber security. It recommends a defined format for the distribution of information about security patches from asset owners to IACS product suppliers. The exchange format and activities are defined for use in security-related patches, but may also be used for non-security related patches or updates. 

    This Standard uses terminology and concepts specified in the following: 
    a) CAN/CSA-IEC/TS 62443-1-1:17, Industrial communication networks — Network and system security — Part 1-1: Terminology, concepts and models; and 
    b) CAN/CSA-IEC 62443-2-1:17, Industrial communication networks — Network and system security — Part 2-1: Establishing an industrial automation and control system security program. 

    Scope

    This part of IEC 62443, which is a Technical Report, describes requirements for asset owners and industrial automation and control system (IACS) product suppliers that have established and are now maintaining an IACS patch management program. 

    This Technical Report recommends a defined format for the distribution of information about security patches from asset owners to IACS product suppliers, a definition of some of the activities associated with the development of the patch information by IACS product suppliers and deployment and installation of the patches by asset owners. The exchange format and activities are defined for use in security related patches; however, it may also be applicable for non-security related patches or updates. 

    The Technical Report does not differentiate between patches made available for the operating systems (OSs), applications or devices. It does not differentiate between the product suppliers that supply the infrastructure components or the IACS applications; it provides guidance for all patches applicable to the IACS. Additionally, the type of patch can be for the resolution of bugs, reliability issues, operability issues or security vulnerabilities. 

    NOTE 1 This Technical Report does not provide guidance on the ethics and approaches for the discovery and disclosure of security vulnerabilities affecting IACS. This is a general issue outside the scope of this report. 

    NOTE 2 This Technical Report does not provide guidance on the mitigation of vulnerabilities in the period between when the vulnerability is discovered and the date that the patch resolving the vulnerability is created. For guidance on multiple countermeasures to mitigate security risks as part of an IACS security management system (IACS-SMS), refer to, Annexes B.4.5, B.4.6 and B.8.5 in this Technical Report and other documents in the IEC 62443 series.
    copyright imgRequest Copyright Permissions

    Buy

    Quantity
    -
    +
    • FAQs
    • Contact Us
    • Email Product

    GST REG No R119441681
    QST REG No R1006017360

    Compare Formats

    Determine the subscription format that is right for you.

    Features CSA AdvantageTM CSA OnDemandTM
    Offline access
    Full-text search
    Create highlights and personal notes
    Newest editions added automatically
    Includes all supported languages and archive versions
    My Files - create customized files by adding multiple clauses, tables or figures from the standard into your own personal File for quick reference
    Toggle between your files and the full standard to maintain context
    Instantly preview cross referenced material within the book
    Export personal notes to Excel
    Transfer notes and highlights when updates are available
    Adobe Reader PDF and browser compatible for iOS and Android
    Web, Android, iOS Compatible

    Follow Us On Social Media

    Get Our Newsletter

    Get CSA Newsletter

    • About CSA Store
    • Subscription
    • Services
    • Catalogue
    • FAQ
    • Return Policy
    • FULFILLMENT DETAILS
    • EBOOK SUPPORT
    • Product Updates
    • Contact Us
    • CSA GROUP
    • CSA COMMUNITIES
    • CSA Update Service
    • About CSA Store
    • Subscription
    • Services
    • Catalogue
    • FAQ
    • Return Policy
    • FULFILLMENT DETAILS
    • EBOOK SUPPORT
    • Product Updates
    • Contact Us
    • CSA GROUP
    • CSA COMMUNITIES
    • CSA Update Service

    • General Terms and Conditions
    • Privacy Policy
    • Accessibility
    © 2022 Canadian Standards Association. All rights reserved
    logo close
    Privacy Preference Centre

    Please manage your cookie choices by switching the consent toggles on or off under the Purposes below.

    You may change your preference at any time as described in our Cookie Policy

    • Cookie Settings
    • List of Cookies
    close
      Cookies on CSA Group

      We use Cookies to create a secure and effective website experience for our customers. For more information about Cookies and how you can disable Cookies, visit our privacy policy page. Learn More

      Free Login/Registration Required

      View Access for this document is only available for viewers in Canada.

      A free user account is required to view this document.

      Login or Register