Verein Deutscher Ingenieure

IT-security for industrial automation - General model
 N VDI/VDE 2182 BLATT 1

Annotation

In a technical context, the term "security" covers many different aspects, so the universal term can be described as "overall security".

Overall security takes account of issues of

• reliability,

• functional safety, and

• IT security.

This guideline deals only with IT security.

This guideline describes how specific measures can be implemented in order to guarantee the IT security of automated machines and plant; aspects of the automation devices, automation systems, and automation applications used are considered. A uniform, feasible procedure for ensuring IT security throughout the entire life cycle of automation devices, systems, and applications is described, based on common terms and definitions agreed by the vendors of automation devices and systems and their users (e. g., machine vendors, integrators, plant management). The life cycle covers the development, integration, operation, migration, and decommissioning phases.

This guideline defines a simple procedure model for the development and description of IT Security. The model consists of eight steps. The implementation of this model from the viewpoint of vendors, integrators/ machine vendors and plant management will be exemplary described in the guidelines VDI/ VDE 2182 Part 2, Part 3 and Part 4.

Applying the methods and measures described in this guideline will allow systematic solutions to be achieved which are appropriate to the level of protection required, meaning that they are also cost-effective.