Date: May 14, 2015
Time: 11:00 ET US
Lead: E. Cosman
Notes: E. Cosman
Distribution: ISA99 committee and stakeholders

ISA99 Working Group 5

ISA
67 Alexander Drive
PO Box 12277
Research Triangle Park, NC 27709
Telephone 919/549-8411
Fax 919/549-8288

| Name | Affiliation | Group | Present |
|---|---|---|---|
| Ayman Al-Issa | | WG1 | |
| Eliana Brazda | ISA Staff | | P |
| Eric Cosman | OIT Concepts LLC | Chair | P |
| William Cotter | 3M PI&CS | WG6 | P |
| John Cusimano | AE Solutions | WG7 | |
| Jim Gilsinn | Kenexis | WG2 | |
| Andrew Ginter | Waterfall | WG1 | |
| Tom Good | DuPont | WG2 | |
| Vic Hammond | Argonne National Laboratory | WG12 | P |
| Dennis Holstein | Opus Consulting Group | WG12 | |
| Lee Neitzel | Consultant | TC65 WG10 | |
| Johan Nye | ExxonMobil | WG4 | |
| Tom Phinney | Consultant | TC65 WG10 | |
| Jeff Potter | Emerson Process Management | WG3/4/7 | P |
| Charley Robinson | ISA Staff | | P |
| Ragnar Schierholz | ABB | WG3 | |
| Kevin Staggs | Honeywell Corporate Research | WG4 | |
| Herman Storey | Consultant | WG9 | P |
| Donovan Tindill | Honeywell | WG6 | |
| Joe Weiss | Applied Control Solutions | WG11 | P |

P Present; p Partial attendance; D Declined or Unavailable

1. Old Business

1.1 Action Items

The following are pending from previous meetings:

| ID | Action Item | Responsibility | Status | Comments |
|---|---|---|---|---|
| 12 | Work with Jake Jackson on the process for embedding writers in the work and task groups. | Eric | Suspended | Eric has opened an Email dialog with Jake. The first step is to describe the role. |
| 24 | Develop a single timeline that shows projected milestones for each of the 62443 work products. | Charley, Eric | Closed | The timeline tool is in place. Now we have to keep the data current. |
| 32 | Have WG4 discuss how to address supply chain, including manufacturing requirements for cybersecurity. | Johan N. | Open | |
| 34 | Poll WG5 members about the possibility of rescheduling these calls. | Eric C. | Closed | Eric sent a note to WG5 to get feedback. |

Add link to milestone plan to minutes, as well as the Wiki.

2. New and Continuing Business

In addition to regular work group updates the following specific topics will be addressed in this meeting.

- Face to face meeting plans
- Insurance Interest

3. Working Group Updates

3.1 WG1: Technologies

(From April 30): Ayman reported that the meeting this week was well attended by the group; the discussion covered authentication methods, VPNs, industrial cybersecurity, etc. There was no report from this group.

3.2 WG2: Security Program

(From April 30): Jim G. noted that he should have the draft of ISA-62443-2-1 by Monday, a cleaned up version with material that updates the requirements from the 2009 edition. Jim has posted the latest draft of ISA-62443-1-1 on the portal.

3.3 WG3: Concepts and Models

(From April 30): There was no report from this group. This group met on Monday. The primary topic discussed was the relationship between the various life cycles used in the 62443 series. The group agreed that the general model developed by Pierre and Ragnar and the more focused model offered by John Cusimano are complementary.

3.4 WG4: Technical Requirements

(From April 30): This group did not meet this week.
The WG4 leaders did not meet this week.

3.5 WG6: Patch Management

(From April 30): Jim G. has completed ISA-TR62443-2-3 and is getting the IEC version cleaned up and should be done with it today or tomorrow. He will be ready to go with publication of ISA-TR62443-2-3 shortly. The final 62443-2-3 documents are complete (ISA and IEC versions). WG6 is conducting a survey about next steps. This group has no plans to meet in Frankfurt.

3.6 WG7: Safety & Security

(From April 30): ISA84 met and there was discussion about the safety & security technical report. Jim is continuing his work with that group, along with other members of WG7. TG1 met in the regular WG12 time slot. They are waiting for revisions to ISA-84.00.09. Based on comments from Hal Thomas, Vic Maggioli and other ISA84 members it appears that ISA84 and ISA99 are aligned with respect to the security and safety topic. Dennis Holstein will be providing a summary of status at the planned meeting of the IEC ad-hoc group in Vienna.

3.7 WG8: Communication and Outreach

(From April 30): There was no update from this Work Group. There was no update from this Work Group. Our recent difficulties in getting the news out about our Frankfurt meeting point out the need to focus more on communications.

3.8 WG9: Wireless and Security JWG

(From April 30): There was no report from this group. Herman was asked to give a talk at the ISA Analysis Division Symposium in Galveston, Texas. The stated theme was remote access, but it developed more into a security topic, related to third party (vendor) remote access. There was good discussion but no formal follow-up. Jeff said that his experience has been that best practices involve a single portal maintained by the customer that provides an entry point for all vendors. It is important to make sure that remote access is secure during assembly, commissioning, FAT, etc. This is more of a topic for ISA99 than ISA100. Specific guidelines are required. This is a possible use case for ISA-62443-1-4.

3.9 WG11: ISA99-ISA67 JWG on cyber security for nuclear plants

(From April 30): Joe submitted comments on the TC45A CD. There is an IAEA meeting in the first week of June. Joe will be presenting, as well as participating on a panel on standards.

3.10 WG12: Metrics

(From April 30): The group is on schedule for a mid-June circulation of the draft for comment; the draft document has gone through several edits. The charter for WG12 was unanimously approved by ISA99. The group is working to rebuild 62443-1-3 in accordance with the charter. This group is working on a Draft for Comment (DC) which is planned for the end of June. This group will be meeting in Frankfurt. All comments from previous review are being addressed.

3.11 IEC TC65 WG10, ISO/IEC JTC1/SC27, and Other International Liaisons

(From April 30): Joe W. submitted comments on the draft SC45A CD on nuclear pipeline security. Jim G. submitted the ISA99 liaison report to ISO/IEC JTC1/SC27 prior to their meeting in May. There was no report on this topic.

4. Committee Planning and Direction

4.1 Committee Work Product Roadmap

Once we have confirmed the content of this document we will add a link to the committee wiki. The working copy is available in the Shared library: http://isa99.isa.org/shared/planning/work-product-roadmap.xlsx

4.2 Face to Face Meeting Planning

(From April 30): WG12 has asked for a ½-day meeting in Frankfurt. Dennis H. expressed concern that there is no finalized agenda yet for the meeting. He thinks there may be limited US participation in the meeting given that getting authorization from companies would require a more detailed agenda. Ayman expressed concern that the agenda and logistics need to be finalized in order for him to apply for his visa to Germany. Charley confirmed that Lee will be in Frankfurt. We will schedule the lessons learned sessions in sequence on Thursday afternoon. Eric will send a note to the committee tomorrow with a copy of the agenda document.

4.3 WG5-TG1: Editors task group (Jim G.)

Eliana will take care of reconciling the IEC and ISA versions of 62443-2-3. Once this has been completed there will be a quick default ballot to give voting members a chance to look at the final copy and confirm their previous votes.

5. External Initiatives

Joe has spoken with representatives of insurance companies who are considering (or offering) cybersecurity related policies. They are trying to determine what has to be considered with respect to IACS. DHS has a Cyber Incident Data and Analysis (CIDA) working group that is looking at this and has asked for SME input from AF. Eric is offering input with Steve Mustard and Leo Staples. It is not clear that we need any more formal structure in the committee. Jeff suggested that someone should also try to determine if asset owners want this too.

6. Liaison Activities

6.1 Discussions with IEEE about cyber related activities

There was no update on this topic.

6.2 Cybersecurity in Field Bus communications

There is a meeting of the FieldComm group scheduled for Toronto in June. Jeff and Ragnar will attend. Security is one of the topics. Ragnar is chairing a security subgroup. The exact scope has to be defined, followed by specific tasks and objectives. Herman volunteered to help.

7. Membership and Recruitment

There was no update on this topic.

8. Conferences and Events

(From April 2): The next ICSJWG meeting is scheduled for the same week as the Frankfurt meeting. Ayman asked about an ISA conference planned for the end of May in the Middle East. He will provide more details. The ICS cyber security conference will be held in Atlanta on October 26-29.

9. Other Committee Business / Issues

(From April 30): The most recent ISA99 Overview presentation that Jim G. could find on the ISA99 SharePoint, dated January 22, 2015, is available at: http://isa99.isa.org/public/information/201501-isa99-overview.pptx. There were no additional items mentioned.

10. Meeting Close

The meeting adjourned at approximately 12:00 ET US.

10.1 Action Item Update

| ID | Action Item | Responsibility | Status | Comments |
|---|---|---|---|---|
| 35 | | | | |

10.2 Next call / Adjourn

The next WG5 call is scheduled for May 28, 2015 at 11:00 ET US.