← Home

Automation Solution Security Lifecycle

The Automation Solution Security Lifecycle defines the engineering process used to design, build, operate, maintain, and retire a secure Industrial Automation and Control System (IACS).

Automation Solution Security Lifecycle
Figure – The eight engineering phases of the Automation Solution Security Lifecycle.

Introduction

While the IACS Cybersecurity Lifecycle focuses on the continuous management of cybersecurity, the Automation Solution Security Lifecycle describes the eight engineering phases that occur throughout the life of an industrial control system.

Each phase defines clear activities, deliverables, and responsibilities for the Asset Owner, Integration Service Provider, Maintenance Service Provider, and Product Supplier. Together, these phases ensure cybersecurity is integrated into every stage of an automation project's lifecycle—from the earliest concept through to secure decommissioning.

The lifecycle follows established systems engineering principles and aligns cybersecurity with operational reliability, functional safety, and long-term asset management.


Why an Automation Solution Lifecycle?

Industrial automation projects typically remain operational for decades and undergo numerous modifications during their lifetime.

Without a structured engineering lifecycle:

The Automation Solution Security Lifecycle provides a repeatable framework that integrates cybersecurity into every engineering activity, ensuring systems remain secure throughout their operational life.


The Eight Lifecycle Phases

Phase 1 – Specification

The Specification phase establishes the cybersecurity requirements before system design begins.

The Asset Owner identifies the System Under Consideration (SUC) and performs an initial cybersecurity risk assessment.

Key activities include:

Primary Responsibility: Asset Owner

Supporting Roles: Product Supplier (consultation)

Key Deliverables:


Phase 2 – Design

The Design phase develops the detailed cybersecurity architecture required to achieve the Target Security Levels.

Each Zone and Conduit is assessed individually to determine the required technical and organisational security measures.

Activities include:

The Asset Owner must approve the Cybersecurity Requirements Specification before implementation begins.

Primary Responsibility: Integration Service Provider

Accountable: Asset Owner

Supporting Roles: Product Supplier

Key Deliverables:


Phase 3 – Implementation

During implementation, the designed security measures are installed, configured, and integrated into the Automation Solution.

Security must also be maintained throughout the installation process.

Typical activities include:

The implementation phase should maintain physical and logical security throughout commissioning.

Primary Responsibility: Integration Service Provider

Supporting Roles: Product Supplier, Maintenance Service Provider, Asset Owner

Key Deliverables:


Phase 4 – Verification

Verification confirms that the system has been built according to the approved design.

It answers the question:

"Did we build the system correctly?"

Activities include:

Verification focuses on ensuring implementation matches design.


Phase 5 – Validation

Validation confirms the completed Automation Solution satisfies operational requirements.

It answers the question:

"Did we build the correct system?"

Activities include:

Immediately before commissioning, default credentials, vendor passwords, and encryption keys should be replaced to ensure the system enters service securely.


Phase 6 – Operations

Once commissioned, the Automation Solution enters normal operation.

The Asset Owner is responsible for operating the system securely while maintaining both organisational and technical security measures.

Activities include:

Cybersecurity becomes part of daily operational management.

Primary Responsibility: Asset Owner


Phase 7 – Maintenance

Maintenance ensures the Automation Solution continues meeting its cybersecurity objectives throughout its operational life.

Maintenance may be triggered by:

Typical maintenance activities include:

Maintenance should continuously improve the security posture of the Automation Solution.

Primary Responsibility: Maintenance Service Provider

Supporting Roles: Product Supplier, Asset Owner


Phase 8 – Decommissioning

Eventually, equipment reaches the end of its operational life.

The Decommissioning phase ensures obsolete equipment does not become a future cybersecurity risk.

Activities include:

Secure decommissioning prevents confidential information from remaining accessible after equipment has been retired.

Primary Responsibility: Maintenance Service Provider

Approval: Asset Owner


Roles Throughout the Lifecycle

Cybersecurity is a shared responsibility throughout every lifecycle phase.

Asset Owner

Integration Service Provider

Maintenance Service Provider

Product Supplier

Although responsibilities are shared, the Asset Owner remains accountable for the cybersecurity of the IACS throughout its lifecycle.


Continuous Security Throughout the Lifecycle

Cybersecurity is present in every engineering phase.

Rather than being completed during implementation, security is continuously maintained through:

Changes to the Automation Solution should always follow a documented Management of Change (MoC) process to ensure cybersecurity risks remain acceptable.


Key Principles

The Automation Solution Security Lifecycle is based on several important principles:


Relationship to the IACS Cybersecurity Lifecycle

The Automation Solution Security Lifecycle is the detailed engineering implementation of the broader IACS Cybersecurity Lifecycle.

The IACS Cybersecurity Lifecycle describes the continuous process of:

The Automation Solution Security Lifecycle expands these concepts into eight structured engineering phases that guide the design, deployment, operation, maintenance, and retirement of secure industrial control systems.

Together, these lifecycles ensure cybersecurity is continuously managed while also providing a practical engineering framework for implementing secure automation solutions.


Key Takeaways


Standards Reference

Primary Standards

AEBOK Standards Reference: Refer to ISA/IEC 62443 Part 3-2 (particularly the Zone, Conduit and Risk Assessment process), Part 2-4 (service provider responsibilities), Part 2-3 (maintenance and patch management), and the Automation Solution Security Lifecycle described in ISA/IEC 62443-2-2 Annex A (draft). These documents collectively define the engineering lifecycle, associated activities, and stakeholder responsibilities for secure IACS implementation.