NE 177 is newly publishedfrom 2021-04-12
Abstract to NE 177 "NAMUR Open Architecture – NOA Security Zones and NOA Security Gateway"
It is important that data and information can flow from the core process control domain into the monitoring and optimization domain, but that this interface cannot compromise the security goals of the core process automation. This is the task of the NOA Security Gateway, the concept of which is presented in this NAMUR recommendation.
For this purpose, this guideline first defines the three NOA Security Zones "Core Process Control", "Monitoring & Optimization on-premises" and “Monitoring & Optimization off-premises." Following the IEC 62443-3-3 standard, protection profiles are defined that achieve different security levels: NOA BASIC and NOA EXTENDED. These protection profiles include security requirements that apply to both, the (core) automation system in general and a NOA Security Gateway as a component.
The basic functional requirements are specified for the three modules of a NOA Security Gateway. They include, for example, the unidirectional data flow without any feedback bath and the mechanisms for data retrieval and provision.
Finally, operational aspects of the NOA Security concept are covered, describing the design, implementation and maintenance of the concept in the life cycle.