One distinguishing aspect of AR is the proprietary hardware required to interact with the device and collect data from the user’s environment. Because the hardware, firmware, software drivers, and collected data may fall into uncharted territory in terms of security, it is important to exercise caution when evaluating their protection profiles. Start by listing all peripherals, I/O, and sensors featured by the device. This list should also include the related software and a threat assessment, to minimize the possibility of attacks on confidentiality, integrity, and availability.
The International Electrotechnical Commission (IEC) is an internationally recognized non-profit organization that publishes standards for electrical, electronic and related technologies. IEC 62443-3-3, “Security for industrial automation and control systems – System security requirements and security levels”, defines four security levels for rating cyber threat protection elements, providing guidance on how to evaluate the protection levels for different security functions.
IEC security protection levels.

| IEC Security Protection Level | Description |
| --- | --- |
| SL1 | Protection against casual violation |
| SL2 | Protection against intentional violation using simple means |
| SL3 | Protection against intentional violation using sophisticated means |
| SL4 | Protection against intentional violation using sophisticated means with extended resources |
The following items are required for SL >0
The following items are required for SL >1
The following items are required for SL >3
Identity is the basis for trust in asset management, authentication, authorization, and remote maintenance. AR devices should be able to create at least one unique device identity. The device should also support creation of multiple device support identities, and multiple owner identities. Identities have different security levels. Please refer to the document “Secure Identities” from Industrie 4.0 for an in-depth discussion on identities.
The following items are required for SL >0
The following items are required for SL >1
The following items are required for SL >2