A newly published standard specifies process requirements for the secure development of products used in industrial automation and control systems (IACS).
The new standard, ISA/IEC 62443-4-1-2018, is named Security for Industrial Automation and Control Systems Part 4-1: Product Security Development Life-Cycle Requirements. It also defines a secure development life cycle for developing and maintaining secure products used in an IACS. This life cycle includes security requirements definition, secure design, secure implementation (including coding guidelines), verification and validation, defect management, patch management and product end of life.