IEC 62443-ALIGNED ASSESSMENT

IEC 62443 Assessment for Industrial Automation Systems

A structured review of OT architecture, security practices and lifecycle activities using IEC 62443 principles as an engineering framework.

Translate IEC 62443 principles into practical engineering actions

IEC 62443 addresses cybersecurity across the industrial automation and control-system lifecycle. It includes responsibilities for asset owners, service providers, system integrators and product suppliers. Kalman Control can assess selected areas of an industrial system against agreed IEC 62443 principles and client requirements. The result is a documented gap assessment and improvement roadmap, not an accredited certification.

Possible assessment areas

System definition

  • System under consideration
  • Included assets
  • External interfaces
  • Trust boundaries
  • Operational dependencies
  • Safety dependencies

Zones and conduits

  • Zone identification
  • Asset grouping
  • Required communication
  • Conduit definition
  • Inter-zone controls
  • External access paths
  • Package interfaces

Security requirements

  • Identification and authentication
  • Use control
  • System integrity
  • Data confidentiality where applicable
  • Restricted data flow
  • Timely response to events
  • Resource availability

Organisational processes

  • Security responsibilities
  • Risk-management process
  • Change management
  • Incident handling
  • Backup and recovery
  • Patch management
  • Supplier management
  • Documentation management

Project and lifecycle activities

  • Security requirements during design
  • Secure integration
  • Factory acceptance testing
  • Site acceptance testing
  • Commissioning
  • Handover
  • Maintenance
  • Modification
  • Decommissioning

Typical outputs

  • Defined assessment scope
  • System-under-consideration description
  • High-level architecture findings
  • Zones-and-conduits observations
  • Requirement-gap register
  • Organisational-process findings
  • Technical-control findings
  • Priority classification
  • Recommended actions
  • Improvement roadmap
  • Suggested evidence list
  • Optional assessment workshop

Scope options

Focused review

Assessment of one selected area such as remote access, backup, accounts or network segmentation.

System assessment

Review of one machine, package unit, production line or control-system domain.

Broader programme review

Structured assessment across multiple systems, project phases or organisational processes.

Assessment, not certification

This service is an engineering assessment aligned with selected IEC 62443 principles. It is not an accredited certification audit and does not issue an official IEC 62443 certificate.

Related services

Explore related inspection services

Select a related service or contact route for your requirement.

OT Cybersecurity

Overview of OT cybersecurity assessment services.

Learn more →

OT Security Gap Analysis

Structured comparison of current OT security posture against agreed requirements.

Learn more →

Industrial Network Review

Engineering review of industrial network architecture and exposure.

Learn more →

Contact

Discuss IEC 62443 assessment requirements with Kalman Control.

Learn more →

Define the right IEC 62443 assessment scope

Share your system architecture, project stage and assessment objective so the review can be tailored to your environment.