What is IEC 62443 ?
IEC 62443 is the international standard series for Industrial Automation and Control Systems (IACS) security. Published by the IEC (International Electrotechnical Commission), it covers the entire industrial security lifecycle: policies and procedures (2-x series), system requirements (3-x series), and component requirements (4-x series). The standard defines 7 foundational requirements (FR) and 4 security levels (SL 1 to SL 4) to graduate protection based on threat level. The zones and conduits approach enables segmentation of industrial architecture and application of controls adapted to each zone.
Key Points
- 7 foundational requirements: identification and authentication, use control, system integrity, data confidentiality, restricted data flow, incident response, resource availability
- 4 security levels (SL 1 to SL 4) enabling a graduated approach based on threat level
- Zones and conduits approach for industrial architecture segmentation
- Requirements for asset owners (2-x series), integrators (3-x series), and component manufacturers (4-x series)
- Possible component and system certification by accredited bodies
Why Zaxyr
Zaxyr helps industrial organizations assess their IEC 62443 compliance by structuring analysis through zones and conduits. The platform tracks the 7 foundational requirements, enables defining the target security level per zone, and provides mapping to NIST 800-82 and NERC CIP for a unified view of OT compliance.