ГОСТ Р 56498-2015/IEC/PAS 62443-3:2008. Национальный стандарт Российской Федерации. Сети коммуникационные промышленные. Защищенность (кибербезопасность) сети и системы. Часть 3. Защищенность (кибербезопасность) промышленного процесса измерения и управления

[1]

ISO/IEC 13335-1:2004, Information technology - Security techniques - Management of information and communications technology security - Part 1: Concepts and models for information and communications technology security management

[2]

ISO/IEC TR 13335-4:2000, Information technology - Guidelines for the management of IT Security - Part 4: Selection of safeguards

[3]

ISO/IEC TR 13335-5:2001, Information technology - Guidelines for the management of IT Security - Part 5: Management guidance on network security

[4]

ISO/IEC 15288:2002, Systems engineering - System life cycle processes

[5]

ISO/IEC TR 15443-1:2005, Information technology - Security techniques - A framework for IT security assurance - Part 1: Overview and framework

[6]

ISO/IEC 15446:2004, Information technology - Security techniques - Guide for the production of Protection Profiles and Security Targets

[7]

ISO/IEC 21827:2002, Information technology - Systems Security Engineering - Capability Maturity Model (SSE-CMM)

[8]

ISO/IEC 27001:2005, Information technology - Security techniques - Information security management systems - Requirements

[9]

IEC 61508:1998 (all parts), Functional safety of electrical/electronic/programmable electronic safety-related systems

[10]

NIST SP 800-82, "Guide to Supervisory Control and Data Acquisition (SCADA) and Other Industrial Control System Security", Initial Public Draft, September 2006

[11]

NIST SP 800-53, "Recommended Security Controls for Federal Information Systems", Second Public Draft, July 2006

[12]

Technology Assessment - Cybersecurity For Critical Infrastructure Protection", United States General Accounting Office, May 2004

[13]

"Cyber Security Procurement Language for Control Systems", Draft, November 2006, Idaho National Laboratory, Idaho Falls, ID 83415, USA

[14]

"Systems Assurance - Delivering Mission Success in the Face of Developing Threats", Systems Assurance Committee, NDIA, USA

[15]

"A study of the applicability of ISO/IEC 17799 and the German Baseline Protection Manual to the needs of safety critical systems", EWICS (European Workshop on Industrial Computer Systems) Technical Committee No. 7: Reliability, Safety and Security; Roadmap D31. http://www.ewics.org/docs/roadmap-project

[16]

"Good Automated Manufacturing Practice (GAMP): Guide for Validation of Automated Systems in Pharmaceutical Manufacture", ISPE, 3109 W. Dr. Martin Luther King Jr. Blvd., Suite 250, Tampa, FL 33607, USA

УДК 004.056.5:006.354

ОКС 25.040.40

35.110

Ключевые слова: промышленные коммуникационные сети, сети и системы, защищенность, кибербезопасность, промышленная система управления, модель угроз-рисков, жизненный цикл безопасности, модель защиты, политика безопасности