ISA 62443-1-1 : 2007

Foreword
Introduction
1 Scope
2 Normative References
3 Definitions
4 The Situation
5 Concepts
6 Models

ISA-62443-1-1-2007, Security for Industrial Automation and Control Systems – Part 1-1: Terminology, Concepts and Models, provides a foundational framework of terminology, concepts and models specifically designed for the security of industrial automation and control systems (IACS). The scope of this standard identifies relevant systems, assets and activities essential for maintaining process safety, reliability and regulatory compliance.


Recognizing that availability and integrity often outweigh confidentiality in these environments, this standard advocates for a layered defense-in-depth approach combining technical, administrative and physical controls. Its core concepts are security zones and conduits, which group assets and communication pathways based on shared security needs, allowing targeted risk assessments and management. This document presents a lifecycle approach to developing cybersecurity programs, covering stages from initial concept through design, implementation, operation and disposal, while emphasizing continuous evaluation and adaptation to changing threats.