Standards according to SDOs

Standards according to SDOs View Taxon in all lists

EN 9100 - General quality management requirements for aviation Description

EN 62745:2017 - Safety of machinery - Requirements for cableless control systems of machinery (IEC 62745:2017) Description

EN 61310 sreies - Safety of machinery - Indication, marking and actuation Description

EN 61069 series - Industrial-process measurement, control and automation - Evaluation of system properties for the purpose of system assessment Description

EN 17007:2017 - Maintenance process and associated indicators Description

EN 16646:2014 - Maintenance -Maintenance within physical asset management Description

EN 13306:2018 - Maintenance -Maintenance terminology Description

EN 10305-5:2016 - Steel tubes for precision applications -Technical delivery conditions -Part 5: Welded cold sized square and rectangular tubes Description

EN 10305-3:2016 - Steel Tubes for precision applications -Technical delivery conditions -Part 3: Welded cold sized tubes Description

EN 10219-1:2006 - Cold Formed Welded structural Hollow Sections of non-alloy and fine grain steels -Part 1: Technical delivery conditions Description

CEN/CLC/JTC 13 : Cybersecurity and Data Protection Description

Development of standards for cybersecurity and data protection covering all aspects of the evolving information society including but not limited to: - Management systems, frameworks, methodologies - Data protection and privacy - Services and products evaluation standards suitable for security assessment for large companies and small and medium enterprises (SMEs) - Competence requirements for cybersecurity and data protection - Security requirements, services, techniques and guidelines for ICT systems, services, networks and devices, including smart objects and distributed computing devices Included in the scope is the identification and possible adoption of documents already published or under development by ISO/IEC JTC 1and other SDOs and international bodies such as ISO, IEC, ITU-T, and industrial fora. Where not being developed by other SDO's, the development of cybersecurity and data protection CEN/CENELEC publications for safeguarding information such as organizational frameworks, management systems, techniques, guidelines, and products and services, including those in support of the EU Digital Single Market.

https://www.cen.eu/work/Sectors/Digital_society/Pages/Cybersecurity.aspx

https://www.cenelec.eu/dyn/www/f?p=104:7:123858409050001::::FSP_ORG_ID,FSP_LANG_ID:2307986,25

CLC/TC 65X : Industrial-process measurement, control and automation Description

Its scope is to contribute, support and coordinate the preparation of international standards for systems and elements used for industrial process measurement, control and automation at CENELEC level. To coordinate standardisation activities which affect integration of components and functions into such systems including safety and security aspects. This CENELEC work of standardisation is to be carried out for equipment and systems and closely coordinated with IEC TC65 and its subcommittees with the objective of avoiding any duplication of work while honouring standing agreements between CENELEC and IEC.

https://www.cenelec.eu/dyn/www/f?p=104:7:0::::FSP_ORG_ID:1257871

https://www.cenelec.eu/aboutcenelec/whatwedo/technologysectors/DigitalSociety-topics.html

CWA 17492:2020 - Predictive control and maintenance of data intensive industrial processes (MONSOON) Description

DIN Description

DIN SPEC 92001-2 - Artificial Intelligence - Life Cycle Processes and Quality Requirements - Part 2: Robustness Description

DIN SPEC 92001-1:2019-04 - Artificial Intelligence -Life Cycle Processes and Quality Requirements -Part 1: Quality Metamodel Description

DIN SPEC 91406:2019-12 - Automatic identification of physical objects and information on physical objects in IT systems, particularly IoT systems Description

DIN SPEC 27070:2020 - Requirements and reference architecture of a security gateway for the exchange of industry data and services Description

DIN SPEC 2343:2020-09 - Transmission of language-based data between artificial intelligences - Specification of parameters and formats Description

DIN SPEC 13266:2020-04 - Guideline for the development of deep learning image recognition systems Description

DIN SPEC 16592:2016 - Combining OPC Unified Architecture and Automation Markup Language. Description

DIN SPEC 27070:2020 - Requirements and reference architecture of a security gateway for the exchange of industry data and services Description

IEC (International Electrotechnical Commission) Description

IEC /TR 62837:2013 - Energy efficiency through automation systems Description

IEC 20922 (MQTT) Description

MQTT (MQ Telemetry Transport) is an open OASIS and ISO standard (ISO/IEC PRF 20922) lightweight, publish-subscribe network protocol that transports messages between devices. (From https://en.wikipedia.org/wiki/MQTT)

IEC 60034 series - Rotating electrical machines Description

IEC 60204:2020 SER - Safety of machinery - Electrical equipment of machines - ALL PARTS Description

IEC 60445:2017 RLV - Basic and safety principles for man-machine interface, marking and identification - Identification of equipment terminals, conductor terminations and conductors Description

IEC 61131 Description

IEC 61131 series - Programmable controllers - ALL PARTS Description

IEC 61158 series - Industrial communication networks - Fieldbus specifications Description

IEC 61360-1:2017 - Standard data element types with associated classification scheme - Part 1: Definitions - Principles and methods Description

IEC 61499 Description

The international standard IEC 61499, addressing the topic of function blocks for industrial process measurement and control systems, was initially published in 2005. The specification of IEC 61499 defines a generic model for distributed control systems and is based on the IEC 61131 standard. (see https://en.wikipedia.org/wiki/IEC_61499 and IEC 61499 - International Electrotechnical Commission.

IEC 61499 series - Function blocks Description

IEC 61511-1:2016+AMD1:2017 CSV Consolidated version - Functional safety - Safety instrumented systems for the process industry sector - Part 1: Framework, definitions, system, hardware and application programming requirements Description

IEC 61784 series - Industrial communication networks - Profiles Description

IEC 61800 series - Adjustable speed electrical power drive systems Description

Show more

IEC 62443 series - Security for industrial automation and control systems - ISA 99 Description

Publisher: ANSI, IEC, ISA - License: ANSI, IEC, ISA

See also:

https://www.iec.ch/cybersecurity/?ref=extfooter
https://www.isa.org/standards-and-publications/isa-standards/isa-standards-committees/isa99 (Including a diagram depicting the status of the various work products in the ISA/IEC 62443 series of IACS standards and technical report)
in German: https://www.dke.de/de/arbeitsfelder/industry/iec-62443-cybersecurity-industrieautomatisierung

The ISA/IEC 62443 standard specifies security capabilities for (industrial) control system components. Developed by the ISA99 committee and adopted by the International Electrotechnical Commission (IEC), provides a framework to address and mitigate security vulnerabilities in industrial automation and control systems (IACSs). it is based upon the input and knowledge of IACS security experts from across the globe to develop consensus standards that are applicable to all industry sectors and critical infrastructure. Central is the application of IACS security zones and conduits (isolation & segmentation), which were introduced in 62443-1-1,

ISA-62443-4-2, Security for Industrial Automation and Control Systems: Technical Security Requirements for IACS Components, provides the cybersecurity technical requirements for components that make up an IACS, specifically the embedded devices, network components, host components, and software applications.

Based on the IACS system security requirements of ISA/IEC 62443‑3-3, System Security Requirements and Security Levels, 4-2 specifies security capabilities that enable a component to mitigate threats for a given security level without the assistance of compensating countermeasures.

ISA/IEC 62443-4-1, Product Security Development Life-Cycle Requirements, specifies process requirements for the secure development of products used in an IACS and defines a secure development life cycle for developing and maintaining secure products. The life cycle includes security requirements definition, secure design, secure implementation (including coding guidelines), verification and validation, defect management, patch management, and product end of life.

ISA/IEC 62443-3-2, Security Risk Assessment, System Partitioning and Security Levels, is based on the understanding that IACS security is a matter of risk management. 3-2 will define a set of engineering measures to guide organizations through the process of assessing the risk of a particular IACS and identifying and applying security countermeasures to reduce that risk to tolerable levels.

By aligning the identified target security level with the required security level capabilities 3‑3, System Security Requirements and Security Levels it takes the earlier 1-1 standard a step further. 2-3, Patch Management in the IACS Environment addresses the installation of patches, also called software updates, software upgrades, firmware upgrades, service packs, hot fixes, basic input/output system updates, and other digital electronic program updates that resolve bug fixes, operability, reliability, and cybersecurity vulnerabilities. It covers many of the problems and industry concerns associated with IACS patch management for asset owners and IACS product suppliers. It also describes the effects poor patch management can have on the reliability and operability of an IACS.

IEEE Description

IEEE 1686-2013 - IEEE Standard for Intelligent Electronic Devices Cyber Security Capabilities Description

IEEE P2413:2019 - Architectural Framework for the Internet of Things (IoT) Description

IEEE 802.1AS-2020 - IEEE Standard for Local and Metropolitan Area Networks--Timing and Synchronization for Time-Sensitive Applications Description

IEEE 802.15.4-2020 - IEEE Standard for Low-Rate Wireless Networks Description

IEEE 802.15.4 Description

IEEE 802.11 Standards - IEEE 802.11 Standards Description

IEEE 802.1 TSN Description

IEEE 1589-2020 - IEEE Standard for Augmented Reality Learning Experience Model Description

ISO (International Organization for Standardization) Description

ISO/TS 9002:2016 - Quality management systems — Guidelines for the application of ISO 9001:2015 Description

ISO/TS 15066:2016 - Robots and robotic devices — Collaborative robots Description

ISO/TR 31004:2013 - Risk management — Guidance for the implementation of ISO 31000 Description

ISO/TR 23245 - Blockchain and distributed ledger technologies — Security risks, threats and vulnerabilities Description

ISO/TR 23244:2020 - Blockchain and distributed ledger technologies — Privacy and personally identifiable information protection considerations Description

ISO/TR 22100-4:2018 - Safety of machinery — Relationship with ISO 12100 — Part 4: Guidance to machinery manufacturers for consideration of related IT-security (cyber security) aspects Description

ISO/TR 20218-1:2018 - Robotics — Safety design for industrial robot systems — Part 1: End-effectors Description

ISO/TR 13309:1995 - Manipulating industrial robots — Informative guide on test equipment and metrology methods of operation for robot performance evaluation in accordance with ISO 9283 Description

ISO/PAS 17506:2012 - Industrial automation systems and integration — COLLADA digital asset schema specification for 3D visualization of industrial data Description

ISO TR 21260 - Safety of machinery — Mechanical safety data for physical contacts between moving machinery or moving parts of machinery and persons Description

ISO 9787:2013 - Robots and robotic devices — Coordinate systems and motion nomenclatures Description

ISO 9735 series - Electronic data interchange for administration, commerce, and transport (EDIFACT) Description

ISO 9283:1998 - Manipulating industrial robots — Performance criteria and related test methods Description

ISO 9001:2015 - Quality management systems — Requirements Description

Show more

ISO/IEC JTC 1 Description

ISO/IEC 18045:2008 - Information technology — Security techniques — Methodology for IT security evaluation Description

ISO/IEC 15408 series - Information technology -Security techniques -Evaluation criteria for IT security Description

ISO/IEC TS 33052:2016 - Information technology -Process reference model (PRM) for information security management Description

ISO/IEC 15408 : Information Technology – Security Techniques – Evaluation Criteria for IT Security Description

These requirements establish a standard way of expressing the assurance requirements for Targets of Evaluation (TOEs). This part of ISO/IEC 15408 catalogues the set of assurance components, families and classes. This part of ISO/IEC 15408 also defines evaluation criteria for PPs (Protection Profile) and STs (Security Target) and presents evaluation assurance levels that define the predefined ISO/IEC 15408 scale for rating assurance for TOEs, which is called the Evaluation Assurance Levels (EALs). The audience for this part of ISO/IEC 15408 includes consumers, developers, and evaluators of secure IT products. Developers, who respond to actual or perceived consumer security requirements in constructing a TOE, reference this part of ISO/IEC 15408 when interpreting statements of assurance requirements and
determining assurance approaches of TOEs.

https://www.iso.org/standard/50341.html
https://standards.iso.org/ittf/PubliclyAvailableStandards/c050341_ISO_IEC_15408-1_2009.zip (public download)

ISO/IEC TR 30164:2020 - Internet of things (IoT) -Edge Computing Description

ISO/IEC TR 24029 - Information technology -- Artificial Intelligence (AI) -- Assessment of the robustness of neural networks Description

ISO/IEC TR 24028:2020 - Information technology - Artificial intelligence - Overview of trustworthiness in artificial intelligence Description

ISO/IEC NP 24392 - Information technology -- Security techniques --Security reference model for Industrial Internet Platform (IIP) Description

ISO/IEC 30149 - Internet of things (IoT) -Trustworthiness framework Description

ISO/IEC 30147 - Information technology -Internet of things -Methodology for trustworthiness of IoT system/service Description

ISO/IEC 27701:2019 - extension to privacy information management requirements and guidelines Description

ISO/IEC 6523-1:1998 - Information technology -Structure for the identification of organisations and organisation parts -Part 1: Identification of organisation identification schemes Description

ISO/IEC 27019 - Information technology — Security techniques — Information security controls for the energy utility industry Description

See https://www.iso.org/standard/43759.html

Provides guidance based on ISO/IEC 27002:2013 applied to process control systems used by the energy utility industry for controlling and monitoring the production or generation, transmission, storage and distribution of electric power, gas, oil and heat, and for the control of associated supporting processes.

It includes:

central and distributed process control, monitoring and automation technology as well as information systems used for their operation, such as programming and parameterization devices;
digital controllers and automation components such as control and field devices or Programmable Logic Controllers (PLCs), including digital sensor and actuator elements;
all further supporting information systems used in the process control domain, e.g. for supplementary data visualization tasks and for controlling, monitoring, data archiving, historian logging, reporting and documentation purposes;
communication technology used in the process control domain, e.g. networks, telemetry, telecontrol applications and remote control technology;
Advanced Metering Infrastructure (AMI) components, e.g. smart meters;
measurement devices, e.g. for emission values; - digital protection and safety systems, e.g. protection relays, safety PLCs, emergency governor mechanisms;
energy management systems, e.g. of Distributed Energy Resources (DER), electric charging infrastructures,
all software, firmware and applications installed on above-mentioned systems, e.g. DMS (Distribution Management System) applications or OMS (Outage Management System); - any premises housing the above-mentioned equipment and systems;
remote maintenance systems for above-mentioned systems.

ISO/IEC 27019:2017 does not apply to the process control domain of nuclear facilities. This domain is covered by IEC 62645. ISO/IEC 27019:2017 also includes a requirement to adapt the risk assessment and treatment processes described in ISO/IEC 27001:2013 to the energy utility industry-sector?specific guidance provided in this document.

ISO/IEC 27001 (ISMS) - Information Security Management (ISMS) Description

Show more

NIST (National Institute of Standards and Technology, USA) Description

NIST 800.82 Description

This document provides guidance on how to secure Industrial Control Systems (ICS), including Supervisory Control and Data Acquisition (SCADA) systems, Distributed Control Systems (DCS), and other control system configurations such as Programmable Logic Controllers (PLC), while addressing their unique performance, reliability, and safety requirements. The document provides an overview of ICS and typical system topologies, identifies typical threats and vulnerabilities to these systems, and provides recommended security countermeasures to mitigate the associated risks.

ICS cybersecurity programs should always be part of broader ICS safety and reliability programs at both industrial sites and enterprise cybersecurity programs, because cybersecurity is essential to the safe and reliable operation of modern industrial processes. Threats to control systems can come from numerous sources, including hostile governments, terrorist groups, disgruntled employees, malicious intruders, complexities, accidents, and natural disasters as well as malicious or accidental actions by insiders. ICS security objectives typically follow the priority of availability and integrity, followed by confidentiality.

https://csrc.nist.gov/publications/detail/sp/800-82/rev-2/final

NIST CyberSecurity Framework (Framework for Improving Critical Infrastructure Cybersecurity) Description

The Framework focuses on using business drivers to guide cybersecurity activities and considering cybersecurity risks as part of the organization’s risk management processes. The Framework consists of three parts: the Framework Core, the Implementation Tiers, and the Framework Profiles. The Framework Core is a set of cybersecurity activities, outcomes, and informative references that are common across sectors and critical infrastructure. Elements of the Core provide detailed guidance for developing individual organizational Profiles. Through use of Profiles, the Framework will help an organization to align and prioritize its cybersecurity activities with its business/mission requirements, risk tolerances, and resources. The Tiers provide a mechanism for organizations to view and understand the characteristics of their approach to managing cybersecurity risk, which will help in prioritizing and achieving cybersecurity objectives.

While this document was developed to improve cybersecurity risk management in critical infrastructure, the Framework can be used by organizations in any sector or community. The Framework enables organizations – regardless of size, degree of cybersecurity risk, or cybersecurity sophistication – to apply the principles and best practices of risk management to improving security and resilience.

The Framework provides a common organizing structure for multiple approaches to cybersecurity by assembling standards, guidelines, and practices that are working effectively today.

https://www.nist.gov/cyberframework

NISTIR 8183 - Cybersecurity Framework Version 1.1 Manufacturing Profile Description

The Cybersecurity Framework (CSF) Version 1.1 implementation details developed for the manufacturing environment. The “Manufacturing Profile” of the CSF can be used as a roadmap for reducing cybersecurity risk for manufacturers that is aligned with manufacturing sector goals and industry best practices. This Manufacturing Profile provides a voluntary, risk-based approach for managing cybersecurity activities and reducing cyber risk to manufacturing systems. The Manufacturing Profile is meant to enhance but not replace current cybersecurity standards and industry guidelines that the manufacturer is embracing.

https://csrc.nist.gov/publications/detail/nistir/8183/rev-1/final

NISTIR 8259 - Foundational Cybersecurity Activities for IoT Device Manufacturers Description

Internet of Things (IoT) devices often lack device cybersecurity capabilities their customers organizations and individuals—can use to help mitigate their cybersecurity risks. Manufacturers can help their customers by improving how securable the IoT devices they make are by providing necessary cybersecurity functionality and by providing customers with the cybersecurity-related information they need. This publication describes recommended activities related to cybersecurity that manufacturers should consider performing before their IoT devices are sold to customers. These foundational cybersecurity activities can help manufacturers lessen the cybersecurity-related efforts needed by customers, which in turn can reduce the prevalence and severity of IoT device compromises and the attacks performed using compromised devices

https://csrc.nist.gov/publications/detail/nistir/8259/final

ETSI Description

ETSI TS 103 410-5 SAREF4INMA Description

SAREF4INMA, an extension of SAREF that was created for the industry and manufacturing domain. SAREF4INMA was created to be aligned with related initiatives in the smart industry and manufacturing domain in terms of modelling and standardization, such as the Reference Architecture Model for Industry 4.0 (RAMI), which combines several standards used by the various national initiatives in Europe that support digitalization in manufacturing.

These initiatives include, but are not limited to, the platform Industrie 4.0 in Germany, the Smart Industry initiative in the Netherlands, Industria 4.0 in Italy, the 'Industrie du future initiative' in France and more.

It extends SAREF with 24 classes (in addition to a number of classes directly reused from the SAREF ontology and the SAREF4BLDG extension), 20 object properties (in addition to a number of object properties reused from the SAREF ontology and the SAREF4BLDG extension) and 11 data type properties. SAREF4INMA focuses on extending SAREF for the industry and manufacturing domain to solve the lack of interoperability between various types of production equipment that produce items in a factory and, once outside the factory, between different organizations in the value chain to uniquely track back the produced items to the corresponding production equipment, batches, material and precise time in which they were manufactured.

https://saref.etsi.org/saref4inma/

https://www.etsi.org/deliver/etsi_ts/103400_103499/10341005/01.01.02_60/ts_10341005v010102p.pdf

ETSI SAREF Description

The Smart Applications REFerence (SAREF) ontology is a shared model of consensus that facilitates the matching of existing assets in the smart applications domain. SAREF provides building blocks that allow separation and recombination of different parts of the ontology depending on specific needs.

https://www.etsi.org/technologies/smart-appliances
https://saref.etsi.org/

ETSI M2M Description

Helps to produce the specifications to enable users to build platforms by which devices and services can be connected, regardless of the underlying technology used.

https://www.etsi.org/committee/smartm2m

ETSI EN 303 645 - CYBER - Cyber Security for Consumer Internet of Things: Baseline Requirements Description

While oriented in the first place to consumer devices, ETSI EN 303 645, a standard for cybersecurity in the Internet of Things is relevant for manufacturing considerations. The standard establishes a security baseline for internet-connected consumer products and provides a basis for future IoT certification schemes. Based on the ETSI specification TS 103 645, EN 303 645 went through National Standards Organization comments and voting, engaging even more stakeholders in its development and ultimately strengthening the resulting standard. The EN is a result of collaboration and expertise from industry, academics and government.

ETSI EN 303 645 specifies 13 provisions for the security of Internet-connected consumer devices and their associated services. IoT products in scope include connected children’s toys and baby monitors, connected safety-relevant products such as smoke detectors and door locks, smart cameras, TVs and speakers, wearable health trackers, connected home automation and alarm systems, connected appliances (e.g. washing machines, fridges) and smart home assistants. The EN also includes 5 specific data protection provisions for consumer IoT.

https://www.etsi.org/deliver/etsi_en/303600_303699/303645/02.01.01_60/en_303645v020101p.pdf

ANSI (American National Standards Institute) Description

ANSI/MTC1.4-2018 - MTConnect Description

B11.0 - 2020 - Safety of Machinery Description

B11.Tr10—202x - Functional Safety of Artificial Intelligence for Machinery Applications Description

OPC-UA Description

OPC 40501-1 - UA CS for Machine Tools Part 1 - Monitoring and Job (ZIP/PDF) Description