Translate IEC 62443 principles into practical engineering actions
IEC 62443 addresses cybersecurity across the industrial automation and control-system lifecycle. It includes responsibilities for asset owners, service providers, system integrators and product suppliers. Kalman Control can assess selected areas of an industrial system against agreed IEC 62443 principles and client requirements. The result is a documented gap assessment and improvement roadmap, not an accredited certification.
Possible assessment areas
System definition
- System under consideration
- Included assets
- External interfaces
- Trust boundaries
- Operational dependencies
- Safety dependencies
Zones and conduits
- Zone identification
- Asset grouping
- Required communication
- Conduit definition
- Inter-zone controls
- External access paths
- Package interfaces
Security requirements
- Identification and authentication
- Use control
- System integrity
- Data confidentiality where applicable
- Restricted data flow
- Timely response to events
- Resource availability
Organisational processes
- Security responsibilities
- Risk-management process
- Change management
- Incident handling
- Backup and recovery
- Patch management
- Supplier management
- Documentation management
Project and lifecycle activities
- Security requirements during design
- Secure integration
- Factory acceptance testing
- Site acceptance testing
- Commissioning
- Handover
- Maintenance
- Modification
- Decommissioning
Typical outputs
- Defined assessment scope
- System-under-consideration description
- High-level architecture findings
- Zones-and-conduits observations
- Requirement-gap register
- Organisational-process findings
- Technical-control findings
- Priority classification
- Recommended actions
- Improvement roadmap
- Suggested evidence list
- Optional assessment workshop
Scope options
Focused review
Assessment of one selected area such as remote access, backup, accounts or network segmentation.
System assessment
Review of one machine, package unit, production line or control-system domain.
Broader programme review
Structured assessment across multiple systems, project phases or organisational processes.
Assessment, not certification
This service is an engineering assessment aligned with selected IEC 62443 principles. It is not an accredited certification audit and does not issue an official IEC 62443 certificate.
Explore related inspection services
Select a related service or contact route for your requirement.
OT Cybersecurity
Overview of OT cybersecurity assessment services.
Learn more →OT Security Gap Analysis
Structured comparison of current OT security posture against agreed requirements.
Learn more →Industrial Network Review
Engineering review of industrial network architecture and exposure.
Learn more →Request a Consultation
Submit system information and assessment requirements.
Open request form →Contact
Discuss IEC 62443 assessment requirements with Kalman Control.
Learn more →