IEC 62443-4-2-2019 cor1-2022 PDF

Full title and description

St IEC 62443-4-2:2019/COR1:2022 — Corrigendum 1 to "Security for industrial automation and control systems — Part 4-2: Technical security requirements for IACS components". This corrigendum records editorial and technical corrections to the published IEC 62443-4-2:2019 document and is issued as a one-page corrigendum.

Abstract

This corrigendum (COR1:2022) updates and corrects specific text and references in IEC 62443-4-2:2019 related to the technical security requirements for industrial automation and control system (IACS) components. It is intended to clarify requirements and fix errors in the original 2019 edition without changing the overall intent or structure of the component-level requirements set out in the base document.

General information

• Status: Published.
• Publication date: 30 August 2022 (Corrigendum publication).
• Publisher: International Electrotechnical Commission (IEC).
• ICS / categories: 25.040.40 (Industrial process measurement and control); also listed with IT security classification 35.030.
• Edition / version: Corrigendum 1 to IEC 62443-4-2 Ed. 1.0 (labelled Ed. 1.0 b Cor.1:2022).
• Number of pages: 1 (corrigendum page).

Scope

The corrigendum applies only to IEC 62443-4-2:2019 and corrects identified editorial and technical errors in the component technical requirements (CRs) and related normative references. It does not replace or reissue the full 2019 standard; it amends and clarifies the published text and is intended to be read together with IEC 62443-4-2:2019. The base standard defines component-level technical requirements mapped to the seven foundational requirements (IAC, UC, SI, DC, RDF, TRE, RA).

Key topics and requirements

• Formal corrections to text and tables in IEC 62443-4-2:2019 (editorial and minor technical fixes).
• Clarifications to component requirements (CRs) that implement the seven foundational requirements for IACS components (Identification & Authentication, Use Control, System Integrity, Data Confidentiality, Restricted Data Flow, Timely Response to Events, Resource Availability).
• Reference and cross‑reference updates to other IEC 62443 parts as needed for consistency.
• Does not change the defined security capability level framework (SL‑C) in the base document; corrections are primarily to wording, references and presentation.

Typical use and users

Component vendors, product security engineers, integrators, assessors and conformity/certification bodies use this corrigendum together with IEC 62443-4-2:2019 to ensure that product technical security requirements are interpreted and implemented according to the corrected text. Asset owners and system architects consult the corrected requirements when specifying component security capabilities.

Related standards

Part of the IEC 62443 series. Relevant and closely related documents include IEC 62443-4-1 (secure product development lifecycle), IEC 62443-3-3 (system security requirements and security levels), IEC 62443-1-1 (terminology, concepts and models) and other Parts in the 62443 family covering policies, program requirements and assessment methods. Users should consult the full series when defining program, system and product-level requirements.

Keywords

IEC 62443, corrigendum, IACS, industrial cybersecurity, component requirements, SL‑C, foundational requirements, technical security requirements, product security, COR1:2022

FAQ

Q: What is this standard?

A: It is Corrigendum 1 (2022) to IEC 62443-4-2:2019 — a one-page correction document that amends and clarifies the technical security requirements for IACS components published in the 2019 edition.

Q: What does it cover?

A: It covers editorial and limited technical corrections to the published component-level requirements in IEC 62443-4-2:2019. It should be read alongside the full 2019 standard; it does not replace the base document.

Q: Who typically uses it?

A: Component manufacturers, security engineers, integrators, testing and certification bodies, and asset owners referencing component technical requirements within the IEC 62443 framework.

Q: Is it current or superseded?

A: The corrigendum was published on 30 August 2022 and is the current published correction to IEC 62443-4-2:2019. The underlying 2019 standard remains the base publication; the corrigendum amends that edition. Check the IEC Webstore or your national standards body for any later amendments or new editions.

Q: Is it part of a series?

A: Yes — it is part of the IEC 62443 series (Industrial communication networks — Network and system security) and specifically amends Part 4‑2 of that series. For full context consult related Parts such as 62443-4-1, 62443-3-3 and 62443-1-1.

Q: What are the key keywords?

A: IACS, technical security requirements, component requirements (CRs), security capability levels (SL‑C), corrigendum, IEC 62443, product security, foundational requirements.