This document provides guidelines on the security topics to be covered in IEC publications, and aspects of how to implement them. These guidelines can be used as a checklist for the combination of publications used in implementation of systems.<\/p>\n
This document includes what is often referred to as \u201ccyber security\u201d.<\/p>\n
This document excludes non electrotechnical aspects of security such as societal security, except where they directly interact with electrotechnical security.<\/p>\n
| PDF Pages<\/th>\n | PDF Title<\/th>\n<\/tr>\n | ||||||
|---|---|---|---|---|---|---|---|
| 2<\/td>\n | undefined <\/td>\n<\/tr>\n | ||||||
| 4<\/td>\n | CONTENTS <\/td>\n<\/tr>\n | ||||||
| 6<\/td>\n | FOREWORD <\/td>\n<\/tr>\n | ||||||
| 8<\/td>\n | INTRODUCTION <\/td>\n<\/tr>\n | ||||||
| 9<\/td>\n | 1 Scope 2 Normative references 3 Terms and definitions <\/td>\n<\/tr>\n | ||||||
| 11<\/td>\n | 4 Guide to terminology 4.1 General <\/td>\n<\/tr>\n | ||||||
| 12<\/td>\n | 4.2 Primary recommended sources 4.3 Other relevant sources 4.3.1 General 4.3.2 Other application-domain independent sources 4.3.3 Other application-domain specific sources <\/td>\n<\/tr>\n | ||||||
| 13<\/td>\n | 5 Categorisation of publications 5.1 Overview 5.2 Publication type 5.2.1 General Figures Figure 1 \u2013 Possible categorization of publications <\/td>\n<\/tr>\n | ||||||
| 14<\/td>\n | 5.2.2 Base security publications 5.2.3 Group security publications Figure 2 \u2013 Types of publications <\/td>\n<\/tr>\n | ||||||
| 15<\/td>\n | 5.2.4 Product security publications 5.2.5 Guidance security publications 5.2.6 Test security publications 5.2.7 Relationship between types of security publications 5.3 Application domain <\/td>\n<\/tr>\n | ||||||
| 16<\/td>\n | 5.4 Content 5.5 User\/target group 5.6 Developing security publications 5.6.1 Base security publications <\/td>\n<\/tr>\n | ||||||
| 17<\/td>\n | 5.6.2 Group security publications 5.6.3 Product security publications 5.6.4 Guidance security publications and test security publications <\/td>\n<\/tr>\n | ||||||
| 18<\/td>\n | 6 Mapping\/overview of publications 6.1 General 6.2 List of relevant publications 6.3 Domain table chart Figure 3 \u2013 Publications and application domains <\/td>\n<\/tr>\n | ||||||
| 19<\/td>\n | 7 Considerations for publications development 7.1 Practical considerations for publication writers 7.2 Development process of security in publications Figure 4 \u2013 Example of security requirements, threats, and possible attacks <\/td>\n<\/tr>\n | ||||||
| 21<\/td>\n | Figure 5 \u2013 Decision flow chart <\/td>\n<\/tr>\n | ||||||
| 22<\/td>\n | 7.3 Interrelation between functional safety and security Figure 6 \u2013 Interrelation between functional safety and security <\/td>\n<\/tr>\n | ||||||
| 23<\/td>\n | 7.4 Specific requirements 7.4.1 Relationship with base security publications 7.4.2 Consider conformity assessment when writing standards <\/td>\n<\/tr>\n | ||||||
| 24<\/td>\n | 7.4.3 Lifecycle approach 7.4.4 Holistic system view Figure 7 \u2013 Example of security management cycle for an organization <\/td>\n<\/tr>\n | ||||||
| 25<\/td>\n | 7.4.5 Vulnerability handling 7.4.6 Defence-in-depth 7.4.7 Security management 7.4.8 Supply chain Figure 8 \u2013 Selected measures for defence-in-depth strategy <\/td>\n<\/tr>\n | ||||||
| 26<\/td>\n | 7.4.9 Consider greenfield and brownfield 7.4.10 Use of term integrity 7.5 Security risk assessment 7.5.1 General <\/td>\n<\/tr>\n | ||||||
| 27<\/td>\n | 7.5.2 Iterative process of security risk assessment and risk mitigation 7.5.3 Maintaining safe operation Figure 9 \u2013 Possible impact of security risk(s) on the safety-related control system <\/td>\n<\/tr>\n | ||||||
| 28<\/td>\n | 7.5.4 Scenario analysis 7.5.5 Security risk mitigation strategy 7.5.6 Validation <\/td>\n<\/tr>\n | ||||||
| 29<\/td>\n | Bibliography <\/td>\n<\/tr>\n<\/table>\n","protected":false},"excerpt":{"rendered":" Security aspects. Guidelines for their inclusion in publications<\/b><\/p>\n |