Security should be addressed across all sections. This section will address general security requirements, e.g. SDLC requirements, algorithm requirements etc.

IEC 62443

Threat Model

The GEISA Execution Environment inputs:

• HAN Interface

• LAN Interface

• Sensor

  • Temperature

  • Humidity

  • Accelerometer

• Meter Register

• Metrology Sensor

GEISA Execution Environment outputs:

• HAN Interface

• LAN Interface

• Local Storage

• Disconnect Switch(es)

Potential Threats and Causes

• Malicious Firmware

  • Supply Chain Attack

  • Unpatched Components

  • Compromised Vendor

  • Compromised Employee Workstation

  • Compromised Management System

• Vulnerable Network Interface

  • Poor Programming Practices

  • Inadequate Testing

  • Unpatched Components

  • Supply Chain Attack

• Broken Firmware

  • Poor Programming Practices

  • Incorrect Logic

  • Inadequate Testing

  • Unpatched Components