From ddfd43e9ba089dc1d486eee195e2212e4c286edf Mon Sep 17 00:00:00 2001 From: Hendrik Brockhaus <35796373+HBrock@users.noreply.github.com> Date: Mon, 9 Dec 2024 11:26:20 +0100 Subject: [PATCH] fixed a nid --- draft-brockhaus-lamps-automation-keyusages.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/draft-brockhaus-lamps-automation-keyusages.md b/draft-brockhaus-lamps-automation-keyusages.md index f0efaae..d3e06f6 100644 --- a/draft-brockhaus-lamps-automation-keyusages.md +++ b/draft-brockhaus-lamps-automation-keyusages.md @@ -155,7 +155,7 @@ RFC 5280 specifies several extended key purpose identifiers (KeyPurposeIds) for Automation hardware and software products will strategically be more safe and secure by fulfilling mandatory, generic system requirements related to cyber security driven by federal offices like the [European Union Cyber Resilience Act](#EU-CRA) governed by the European Commission and the High Representative of the Union for Foreign Affairs and Security Policy. Automation products connected to the internet would bear the CE marking to indicate they comply. Such regulation was announced in the [2020 EU Cybersecurity Strategy](#EU-STRATEGY), and complements other legislation in this area, specifically the NIS2 Framework, [Directive on measures for a high common level of cybersecurity across the Union](#NIS2). -2020 EU Cybersecurity Strategy suggests to implement and extend international standards such as the [Security for industrial automation and control systems - Part 4-2: Technical security requirements for IACS components](#IEC.62443-4-2) and the [Industrial communication networks - Network and system security – Part 3-3: System security requirements and security levels](#IEC.62443-3-3). Automation hardware and software products of diverse vendors that are connected on automation networks and the internet build a typical automation solution. Harmonized attributes would allow transparency of security properties and interoperability for vendors in context of secure software and firmware updates, general-purpose configuration, trust anchor configuration and secure safety communication. +2020 EU Cybersecurity Strategy suggests to implement and extend international standards such as the [Security for industrial automation and control systems - Part 4-2: Technical security requirements for IACS components](#IEC.62443-4-2) and the [Industrial communication networks - Network and system security - Part 3-3: System security requirements and security levels](#IEC.62443-3-3). Automation hardware and software products of diverse vendors that are connected on automation networks and the internet build a typical automation solution. Harmonized attributes would allow transparency of security properties and interoperability for vendors in context of secure software and firmware updates, general-purpose configuration, trust anchor configuration and secure safety communication. A concrete example for Automation is a Rail Automation system. The [Europe's Rail Joint Undertaking System Pillar](#ERJU) will deliver a unified operational concept and a functional, safe and secure system architecture alongside with system requirements for Rail Automation. The deliverables include due consideration of cyber-security aspects based on the IEC 62443 series of standards, focused on the European railway network to which [Directive 2016/797 - Interoperability of the rail system within the EU](#Directive-2016/797) applies.