Industrial cyber security: An idea whose time has come?

30 September 2014

The market for industrial cyber security products remains extremely immature, with currently over 160 vendors offering a variety of hardware, software and services. In contrast to other parts industrial automation markets, no one vendor dominates; and those with the highest market share typically specialise in a particular region, industry sector or technology. However, IHS believes there will be a shakeout.

Control systems already in use will sustain the market for ‘on-top’ industrial cyber security hard-ware, software and services. Many of these systems are inherently insecure. A quiet revolution is already occurring in an industry more used to incremental improvement. 

Vendors of control systems have united around IEC 62443 which, when finalised, will describe how to secure control system assets throughout their lifecycle (including development). Only parts of the IEC 62443 standard have so far been released; but once the standard and certification services are available, all tier 1 vendors are expected to offer an IEC 62443 product.
It is likely that these products will have different levels of capability. IEC 62443 has seven major criteria for building secure components/systems. For these criteria, the IEC 62443 standard borrows some of the language of the safety world – the security levels ‘SL’ are analogous to safety-integrated-levels, with levels ranging from 1 to 4 (SL 1 being least secure, SL 4 being most secure) although the final security level depends on how the asset owner implements the component or system.
Overall, IHS projects a good growth rate for industrial cyber security hardware, software and ser-vice revenues, with an annual average growth rate of 12% from 2013  to 2019. The market will be sustained by the high number of legacy assets which require securing. Over a much longer 10-15 year timeframe, the demand for on-top hardware/software/services is likely to decrease, as fewer compensating controls will be required to secure control systems that are secure by design.

Contact Details and Archive...

Print this page | E-mail this page