Glossary
IEC 62443 compliance refers to adherence to the IEC 62443 series of international standards developed by the International Electrotechnical Commission (IEC) and ISA for securing industrial automation and control systems (IACS). The standard defines cybersecurity requirements for system integrators, asset owners, product suppliers, and service providers in operational technology (OT) environments. It covers technical, procedural, and governance-based security controls across system lifecycles.
IEC 62443 provides a comprehensive, vendor-neutral framework for protecting industrial systems against cyber threats. It is globally recognized and widely adopted in sectors such as energy, manufacturing, transportation, and critical infrastructure. The standard addresses a broad range of controls, from network segmentation and security levels to authentication, remote access, and auditability.
Access control is a central focus of several IEC 62443 components:
Compliance with IEC 62443 not only reduces cyber risk in industrial systems but also supports procurement, regulatory alignment, and supply chain assurance across global operations.
Xona enables compliance with IEC 62443 access control and remote access requirements by delivering a secure, protocol-isolated access platform purpose-built for OT environments. Its features map directly to key IEC 62443-3-3 and 2-4 technical requirements, including:
By providing granular access control, visibility, and auditability, without requiring direct network exposure, Xona helps asset owners, system integrators, and vendors enforce the technical controls outlined across the IEC 62443 framework.
IEC 62443 is a globally recognized framework that defines cybersecurity controls for securing Industrial Automation and Control Systems (IACS). Its purpose is to help asset owners, system integrators, and service providers implement technical, procedural, and governance-based security measures that reduce cyber risk throughout the lifecycle of industrial systems.
Compliance responsibilities are shared across stakeholders: asset owners must define and enforce security policies, system integrators must design and configure systems according to IEC 62443 requirements, and product suppliers and service providers (e.g., remote support vendors) must meet technical criteria for secure access, identity management, and auditability.
Part 3-3 of the standard outlines foundational requirements (FRs) and system requirements (SRs) for secure access, including SR 1.1–1.3 (identification and authentication controls); SR 1.4–1.6 (least privilege, account management, and role-based access control); and SR 1.7–1.9 (session management, audit logging, and traceability). These controls are essential for securing privileged access and enforcing accountability in OT environments.
Xona enforces access controls that align with IEC 62443 by implementing identity- and role-based authentication, time-restricted access windows, and credential injection to eliminate shared or exposed credentials. All user activity is logged and recorded, and remote access is delivered through browser-based sessions with protocol isolation, reducing risk to core systems.
Yes. IEC 62443-2-4 outlines specific requirements for service providers delivering remote support. Xona satisfies these by enabling temporary, just-in-time remote sessions tied to individual identities and approved roles. Each session is fully auditable and can be supervised or terminated in real time to maintain compliance and operational control.
Compliance with IEC 62443 not only improves cyber resilience in OT systems but also supports regulatory alignment, supply chain assurance, and procurement requirements. Many industrial buyers and government agencies reference IEC 62443 as a baseline for vendor qualification, making compliance a competitive differentiator as well as a security necessity.
Originally published December 04, 2025