ISA 99/IEC 62443 Series: Definition & Purpose for ICS/SCADA Systems

Instructor: Prashant Mishra

Prashant is currently pursuing his bachelors in Computer Science and Engineering.

In this lesson we will describe the purpose and scope of ISA99 (Industrial Automation and Control Systems Security) and IEC 62443 series of standards as applied to ICS and SCADA systems.

If you are a computer geek like me, you would have come across ISA many a times in your life. ISA basically are standards which define how a particular product, commodity, service should be. ISA99 similarly is another set of standards which are applicable to Industrial Automation and Control Systems Security. These are developed and modified regularly by cyber security experts from across the globe. ISA99 is also the backbone of the multi-standard IEC 62443 series.

ISA99 - Purpose and Scope


The ISA99 is meant to form standards, practices, reports, and other technical information that will define a set of standards for implementing Control Systems like ICS and SCADA and also the security practices involved with them. These standards apply to anyone involved with ICS and SCADA systems - users, system integrators and administrators, security experts, manufacturers, and sellers.

The ISA99 committee thrives to improve the integrity, availability, efficiency, and integrity for the manufacture and implementation of control systems. ISA99 also provides a list of vulnerabilities that the control systems might be prone to.

The current co-chairmen of ISA99 are Jim Gilsinn and Eric Cosman.


The ISA99 defines standards and if compromised could lead to the following situations:

  • Economic loss
  • Threat to national decurity
  • Employee safety
  • Violation of law

The ISA99 standards are not only limited to the manufacturing of both hardware and software components of the ICS and SCADA control systems but also to the human interfaces involved with them.

The image below captures the scope of the ISA99 in detail:

Scope of ISA99

IEC 62443

We have seen how ISA99 standards define the hardware and software model for control systems. They also provide security measures for them. However, to advance the security system, IEC 62443 was introduced. Note that this incorporates ISA99 standards also and some other extra measures. IEC 62443 is developed by the ISA99 committee.

IEC 62443 provides a framework to identify, address, and resolve security issues and breaches in control systems like ICS and SCADA systems. These are practiced by cyber security experts worldwide. They specify embedded devices, network components, host components, and software applications required for proper security maintenance of the control systems.

The IEC 62443 defined a life cycle for developing and maintaining secure control system products in February 2018. This life cycle includes the following:

  • Identifying security requirements of the control systems
  • Secure designing of the system (including software)
  • Secure implementation of the system (including software)
  • Verification and validation of the system
  • Patch management of the system
  • Product end of life

To unlock this lesson you must be a Member.
Create your account

Register to view this lesson

Are you a student or a teacher?

Unlock Your Education

See for yourself why 30 million people use

Become a member and start learning now.
Become a Member  Back
What teachers are saying about
Try it risk-free for 30 days

Earning College Credit

Did you know… We have over 200 college courses that prepare you to earn credit by exam that is accepted by over 1,500 colleges and universities. You can test out of the first two years of college and save thousands off your degree. Anyone can earn credit-by-exam regardless of age or education level.

To learn more, visit our Earning Credit Page

Transferring credit to the school of your choice

Not sure what college you want to attend yet? has thousands of articles about every imaginable degree, area of study and career path that can help you find the school that's right for you.

Create an account to start this course today
Try it risk-free for 30 days!
Create an account