A standard for secure gateways for data and services
The publishing of DIN SPEC 27070, adding to the IDS reference archi- tecture, represents another milestone on the way to secure cross- company exchange of industrial manufacturing data. The new standard was developed in the course of a workshop led by Andreas Teuscher (SICK AG) and Gerd Brost (Fraunhofer AISEC), who were supported by Martin
Uhlherr from DIN (German Institute for Standardization).
DIN SPEC 27070 specifies the requirements to be met by a security
gateway used for exchanging industrial manufacturing data and services, including the environment such a gateway can be used within. The gateway, which can be embedded in the IDS ecosystem and which has been specified in line with IDS certification rules, allows three different levels of security (Base, Trust, Trust+). These security levels comply with ISO/IEC 62443 (particularly ISO/IEC 62443–4‑2), but have been extended by including additional requirements deemed necessary for the IDS ecosystem.
DIN SPEC 27070 is the first initiative specifying requirements regarding a secure gateway for cross-company data exchange in the manufacturing industry. Gateways for other industries are envisaged for the future. “Our goal is to make DIN SPEC 27070 an international standard. And we see possibilities of broadening its scope and cover other areas of application as well, so that it can evolve into a multipart standard in the medium run“, say Andreas Teuscher und Gerd Brost, who also express their gratitude to all partners from industry and research involved in the process: “Creating this new standard would not have been possible without the great commitment from each single partner.”
As soon as DIN SPEC 27070 has been published by the German Institute for Standardization, it will also be available on: www.internationaldataspaces.org