Human-centric Introduction to a Complex Cybersecurity Standard

Jan Eißler; Marko Schuba; Tim Höner; Sacha Hack; Georg Neugebauer

doi:10.54941/ahfe1004249

AHFE International

Accelerating Open Access Science in Human Factors Engineering and Human-Centered Computing

Human-centric Introduction to a Complex Cybersecurity Standard

Open Access

Article

Conference Proceedings

Authors: Jan Eißler, Marko Schuba, Tim Höner, Sacha Hack, Georg Neugebauer

Abstract

Industrial automation and control systems (IACS) operate in complex and increasingly networked environments of industrial plants. Due to the increasing number of cyberattacks, these systems are also exposed to the growing threat of being attacked. IACS are often found in critical infrastructure such as power supply or water treatment plants, as well as in industry, so their compromise can result in devastating consequences. To prevent this, the IEC-62443 series of standards was developed to address the cybersecurity of IACS. In order to achieve cybersecurity in accordance with the IEC-62443 standard, the human factor plays a major role, as it is humans that need to implement and manage the cybersecurity controls. To help those users to get started and gain a basic understanding of important IEC-62443 concepts such as zones and conduits, defense in depth, and security levels, this paper defines an experience-based practical approach to train users w.r.t. application and implementation of the standard.

Keywords: Cybersecurity, Industrial Automation and Control Systems, IEC-62443, Competence, Training, Human Factor

DOI: 10.54941/ahfe1004249

Cite this paper

Downloads

991

Visits

1401

Download PDF

More from this volume

← IEQ Visual Data to Building Occupants for Personal Control of Indoor Environmental Quality A Method for Adversarial Example Generation Using Wavelet Transformation →

View all articles in Human-Centered Design and User Experience →