Enterprise Integration Standards for Control Systems Engineers

The following are Key Enterprise Integration and Cybersecurity Standards for use by Control Systems Engineers in the design of Automation and Control Systems (ACS). ACS are characterized by high reliability and standardization of products, systems, and engineering practices that were developed over many years for control of hazardous facilities.

ACS are designed according to the following SAIC priorities:

1. Safety
2. Availability
3. Integrity
4. Confidentiality

This list is not meant to be exhaustive for all industries, but rather to describe the most important commonly-encountered standards. For a more detailed list of Enterprise Integration standards, see the PERA User Guides for that specific industry. For example, Click here to view a Process Industry example. Standards in User Guides are also organized according to the Discipline (Professional Role) responsible for implementing that standard.

The Standards below are presented alphabetically, according to the Standards body responsible for writing and maintaining these standards. They are not divided by Enterprise Phase as many standards are used at more than one phase of the Enterprise Life Cycle.

It is important that ACS standards are identified during Master Planning or Conceptual Engineering, as failure to do so will result in disruption of interfaces with other engineering disciplines. This will cause re-work, schedule slippage and increased costs. Not only must standards be selected as early as possible, any conflicts between standards must be resolved and documented.

• CEN TC310 WG1 is the working group that deals with Enterprise Modelling for Computer Integrated Manufacturing within TC310, the technical committee for Advanced Manufacturing Technologies. TC310 has primarily focused on discrete manufacturing.
• CEN work is coordinated with ISO TC184/SC5/WG1 (see below) under the Vienna agreement.

• Press Release announcing the release of the Draft of Cybersecurity Risk Management Process (RMP) Guideline for Public Comment

• IEC 61131-3 Industrial Control Programming Standards including:

Sequential Function Charts Ladder Diagrams Function Block Diagrams

Instruction Lists Structured Text

• IEC 61804-2 FDI Field Device Integration
  brings Electronic Device Description Language (EDDL) and Field Device Tool (FDT) standards together. The evolution of this standard from the Hart EDDL and Profibus FDT is described in this Fieldbus Foundation slideshare presentation.

• ISA-5 Instrumentation Symbols and Diagrams
• ISA-18 Management of Alarms
• ISA-20 Instrument Specification Forms
• ISA 50 Signal Compatability of Electrical Instruments
• ISA 50.1 is the 4-20 ma analog instrument interface standard.
• ISA TR50.02, Parts 3 & 4 describes the Fieldbus digital highway standard that was republished as IEC 61158
• ISA-75 and ISA-96 Control Valves and Valve Actuators
• ISA-84 Instrumented Systems to Achieve Functional Safety (SIS/SIL)
• ISA-88 Batch Control Standard.
  This standard covers a wide range of control and data issues associated with batch process plants.
  • Batch Control Part 1 Covers Models and terminology of the standard
  • Batch Control Part 2 Covers Data Structures and Language Guidelines
• ISA-95 Enterprise to Control System Integration
  • ISA-95 addresses the exchange of data between Control Systems and Manufacturing Execution Systems (MES). This presentation gives an introduction.
• ISA-99 committee creates and maintains IEC/ISA-62443. This is a Cybersecurity standard offering guidance on Automation and Control Systems (ACS). Note that ISA 62443 and IEC 62443 are substantially identical.
  Here is a Quick Reference sheet that you may print and laminate.
  The standard consists of the following parts:
• 62443-1-1: Terminology, concepts and models
  
• 62443-1-5: Scheme for IEC 62443 security profiles (draft)
  
• 62443-2-1: Security program requirements for asset owners.
  
• 62443-2-3: Patch management in the ACS environment
  
• 62443-2-4: Security program requirements for ACS service providers
  
• 62443-3-1: Security technologies for industrial automation and control systems
  
• 62443-3-2: Security risk assessment for system design
  
• 62443-3-3: System security requirements and security levels
  
• 62443-4-1: Secure product development lifecycle requirements
  
• 62443-4-2: Technical security requirements for ACS components
  
• 62443-6-1: Security evaluation methodology for IEC 62443-2-4 (draft)
  
• 62443-6-2: Security evaluation methodology for IEC 62443-4-2 (draft)
  
• ISA-100 Wireless Systems for Automation (Networking Standard)
  • ISA100 (IEC 62734) is an international, industrial wireless networking standard engineered to serve the needs of process industries.
  • With native IPv6 networking, ISA100 Wireless extends the Industrial Internet of Things (IIOT) to wireless.
  • The ISA100 Wireless Compliance Institute was established to certify vendor implementations of this standard.
• ISA-101 Human-Machine Interface
• ISA-106 Procedure Automation for Continuous Process Operations
• ISA 108 Intelligent Field Device Configuration Management
  The purpose of ISA-108 is to define standard templates of best practices and work processes for implementation and use of diagnostic and other information provided by intelligent field devices in the process industries. It consists of 3 parts:
• Part 1: Models and Terminology
• Part 2: Work Process Specifications
• Part 2.1: Configuration and Revision Management
• Part 2.2: Diagnostics Management
• Part 2.3: Field Procedure Management
• Part 3.x: Implementation Guide
• ISA-112 SCADA Systems

Note: a similar set of standards is available from International Electrotechnical Commission (IEC), British Standards (BS), Norwegian Petroleum Industry Standards (NORSOK), and other national standards bodies. Copyright and "fair use" rules for these national standards vary widely, but are generally less restrictive than ISA, especially in respect to use of copyright standards with AI tools and assistants.

• ISO TC184 SC5 WG1 Enterprise Modelling and Architecture
• Supported by NIST (US National Institute of Standards & Technology)
• Coordinated with CEN TC310 WG1 (see above) under the "Brussels Agreement"
• ISO 15704 Enterprise Modelling and Architecture
  Requirements for enterprise-referencing architecture and methodologies.  This document includes and updates certain PERA concepts.
• ISO 15926 Defines an Enterprise Life Cycle Data Exchange standard which is coordinated with ISO 14224 in the Reference Domain, and ISO 18435 & 13374 in the Execution Environment.

NAMUR is a membership-only organization of users of automation in process industries. NAMUR Standards include:

• NA 01 (1967): Noncontacting Initiators and amplifiers - Characteristics proximity switches (IEC 60947-5-6 Current ranges for signal levels of digital transmitters )
• NE 43: Standardization of the Signal Level for Failure Information (Discrimination between process and failure information, also µP based devices
• NE 105: Specifications for Integrating Fieldbus Devices in Engineering Tools for Field Devices.
• NE 131: NAMUR Standard Device Field Device Requirements for Standard Applications (80% of application cases).
• NE 132: Coriolis Mass Meters including "Weights and Measures" approval
• NE 107: Self-Monitoring and Diagnosis of Field Devices

NIST Computer Security Resource Center
CSRC is the Computer Security Division's Web site. It is used to encourage broad sharing of information security tools and practices, to provide a resource for information security standards and guidelines, and to identify and link key security Web resources to support the industry.

• NIST Cybersecurity Framework
  is a set of voluntary guidelines designed to help government organizations assess and improve their ability to prevent, detect, and respond to cybersecurity risks for critical infrastructure sectors. It has also been adopted across various private industries.
• NIST 800-53: Security and Privacy Controls for Information Systems and Organizations
  

OPC Foundation is a cooperative industry body that develops royalty-free electronic business standards for trading partners within the Global Energy Industry. This includes data acquisition and transport standards.

• Standards library of electronic forms and EDI documents for the petroleum and pipeline industry
• OPC UA is a platform-independant service-oriented architecture specification that integrates all functionality from existing "classic" OPC specifications. Its 19 parts cover topics including: Security Model, Address Space Model, Services, Information Model, Mappings, Profiles, Data Access, Alarms and Conditions, Programs, Historical Access, Discovery, Aggregates, Architecture for Analyzers, PLCs, FDI, and Devices, as well as an ISA-95 Common Object Model.

PIDX International is an industry body that develops royalty-free electronic business standards for trading partners with the Global Energy Industry.

• Standards library of electronic forms and EDI documents for the petroleum and pipeline industry

• Process Control and
• P&IDs (Piping and Instrumentation Diagrams).

Profibus and Profinet International provides standards and testing for Profibus hardware and software including the PROFIBUS Industrial Data Highway Standard.

• XML is the universal format for structured documents on the web.
• XML is a subset of SGML which was developed by IBM. XML was issued by the W3C Consortium in 1998.
• It is has received rapid acceptance at all levels in the enterprise architecture for exchanging information between applications.
• It is also the basis for many related standards. including BPMN and B2MML

TIA / EIA Telecommunications Industry Association / Electronic Industries Association.

• The TIA/EIA 568 TIA/EIA 568 Commercial Building Telecommunication standard was jointly developed by TIA and EIA.
• The ISO/IEC-11801 Generic Customer Premises Cabling standard is an international cabling standard, based on the ANSI/TIA/EIA-568, that may be used for industrial control systems and premises cabling.

General Standards References

Tech Street Industry Standards Page This site provides listing and archives of many standards. They provide a video about how to use their online standards. They will even send a notice that standards you purchased have changed. Tech Street is not limited to enterprise integration standards and addresses a huge set of standards bodies from around the world.

Computers and Comunication Standards and Cross References page is a good standards resource with a target audience of IT and telecommunications professionals (Disciplines 780 and 784). It includes links to many relevant standards homepages.