Germany: Security New Namur Recommendation: NE 177 NOA Security Zones and Security Gateway
The Namur Open Architecture (NOA) aims to make production and plant data easily and securely usable for plant and equipment monitoring and optimization.
Leverkusen/Germany – It is important that data and information can flow from the core process control domain into the monitoring and optimization domain, but the interface cannot compromise the security goals of core process automation. This is the task of the NOA Security Gateway.
For this purpose, this guideline first defines the three NOA Security Zones ‘Core Process Control’, ‘Monitoring & Optimization on-premises’ and ‘Monitoring & Optimization off premises.’ Following the IEC 62443-3-3 standard, protection profiles are defined that achieve different security levels: NOA Basic and NOA Extended. These protection profiles include security requirements that apply to both, the (core) automation system in general and a NOA Security Gateway as a component.
The basic functional requirements are specified for the three modules of a NOA Security Gateway. It includes, for example, the unidirectional data flow without any feedback and the mechanisms for data retrieval and provision.
Finally, operational aspects of the NOA Security concept are covered, describing the design, implementation and maintenance of the concept in the life cycle.