0010548: interpretation of 62443 CR 3.3 & CR 3.9 - MantisBT

10000-002: Security
- - All Projects
  - .NET API
  - Certification
  - Compliance Test Tool (CTT) COM Classic
  - Compliance Test Tool (CTT) Unified Architecture
  - CTT UA Binary
  - CTT UA Help
  - CTT UA Package
  - CTT UA Scripts
  - CTT UA Test Case
  - OPC Analyzer
  - Safety Compliance Test Tool (UASCTT)
  - UASCTT Documentation
  - UASCTT Software
  - Specifications
  - Classic DA Client
  - Classic DA Server
  - Safety Test Document
  - UA Client - Certification tests
  - UA Server - Certification tests
  - COM/XML Sample Code
  - COM-AE Sample Code
  - COM-DA Sample Code
  - COM-HDA Sample Code
  - XML-DA Sample Code
  - Core Components
  - OpenSCS
  - UA
  - Field eXchange (UAFX)
  - Part 80: UAFX Overview and Concepts [sg.Architecture]
  - Part 81: UAFX Connecting Devices and Information Model [sg.BaseFacet]
  - Part 82: UAFX Networking [sg.Networking]
  - Part 83: UAFX Offline Engineering [sg.OfflineEngineering]
  - Part 84: UAFX Profiles
  - sg.I/O
  - sg.Instrumentation
  - sg.Motion
  - UAFX Nodeset
  - UAFX Testing (CTT) [sg.TestDevelopment]
  - Information Models
  - 10000-100: Devices
  - 10000-110: Asset Management Basics
  - 10000-200: Industrial Automation - Basics
  - 10000-210: Industrial Automation - Relative Spatial Location
  - 10020: Analyzer Device Integration (ADI)
  - 10030: ISA-95
  - 10031: ISA 95 Job Control
  - 10040: IEC 61850
  - 10100-1: WOT Connectivity
  - 11020: Companion Spec Template
  - 30000: PLCopen
  - 30010: AutoID
  - 30020: MDIS
  - 30030: BACnet
  - 30040: AutomationML
  - 30050: PackML
  - 30060: TMC
  - 30070: MTConnect
  - 30081: PADIM
  - 30090: FDT
  - 30110: Powerlink
  - 30120: IO-Link
  - 30130: CCLink (CSP+ForMachine)
  - 30140: PROFINET
  - 30170: ODVA-CIP
  - 30170: ODVA-CIP: 01: Promises
  - 30170: ODVA-CIP: 02: User Stories
  - 30170: ODVA-CIP: 03: Requirements
  - 30200: Commercial Kitchen Equipment
  - 30250: DEXPI
  - 30270: I4AAS
  - 30400: UA Cloud LIbrary
  - 34100: Energy Consumption Management
  - 40001: Machinery
  - 40010: Robotics
  - 40010-1: Robotics-1: Vertical integration
  - 400nn: PlasticsRubber
  - 40077: PlasticsRubber IMM2MES
  - 40082-1: PlasticsRubber TCD
  - 40082-2: PlasticsRubber HotRunner
  - 40082-3: PlasticsRubber LDS
  - 40082-5: PlasticsRubber Moulds
  - 40083: PlasticsRubber
  - 40083: PlasticsRubber GeneralTypes
  - 40084: PlasticsRubber Extrusion
  - 40084-10: PlasticsRubber Extrusion Calibrator
  - 40084-11: PlasticsRubber Extrusion Corrugator
  - 40084-12: PlasticsRubber Extrusion Calender
  - 40084-1: PlasticsRubber Extrusion GeneralTypes
  - 40084-2: PlasticsRubber Extrusion ExtrusionLine
  - 40084-3: PlasticsRubber Extrusion Extruder
  - 40084-4: PlasticsRubber Extrusion HaulOff
  - 40084-5: PlasticsRubber Extrusion MeltPump
  - 40084-6: PlasticsRubber Extrusion Filter
  - 40084-7: PlasticsRubber Extrusion Die
  - 40084-8: PlasticsRubber Extrusion Pelletizer
  - 40084-9: PlasticsRubber Extrusion Cutter
  - 40100: Machine Vision
  - 40100-1: MachineVision-1: Control and more
  - 40200: Weighing Technology
  - 40210: Geometric Measuring Systems
  - 40223: Pumps and Vacuum Pumps
  - 40250: Compressed Air
  - 40301: Flat Glass
  - 40351: High Pressure Die Casting (HPDC)
  - 40400-1: Powertrain
  - 40450: Joining
  - 40450-1: IJT Joining System – Base
  - 40451: Tightening
  - 40451-1: IJT Tightening System – General
  - 40501: MachineTool
  - 40501-1: MachineTool-1: Monitoring and Job
  - 40502: CNC
  - 40550: Woodworking Machinery
  - 4056n: Mining
  - 40560: Mining General
  - 40561: Mining Extraction Equipment
  - 40562: Mining Loading Equipment
  - 40563: Mining Transport And Dumping Equipment
  - 40564: Mining Mineral Processing Equipment
  - 40565: Mining Development And Support Equipment
  - 40566: Mining Monitoring And Supervision Services
  - 40567: Mining PELO Services
  - 40569: Mining Application And Use Cases
  - 40701: Cleaning-Pretreatment Surface Technology
  - UA Specification
  - 10000-001: Concepts
  - 10000-002: Security
  - 10000-003: Address Space
  - 10000-004: Services
  - 10000-005: Information Model
  - 10000-006: Mappings
  - 10000-007: Profiles
  - 10000-008: Data Access
  - 10000-009: Alarms and Conditions
  - 10000-010: Programs
  - 10000-011: Historical Access
  - 10000-012: Discovery
  - 10000-013: Aggregates
  - 10000-014: PubSub
  - 10000-015: Safety
  - UA Safety Stack
  - UA Safety Stack - Documentation
  - UA Safety Stack - Source Code
  - 10000-016: State Machines
  - 10000-017: Alias Names
  - 10000-018: Role-Based Security
  - 10000-019: Dictionary Reference
  - 10000-020: File Transfer
  - 10000-021: Device Onboarding
  - 10000-022: Base Network Model
  - 10000-023: Common ReferenceTypes
  - 10000-024: Scheduler
  - 10000-025: ObjectSerialization
  - 10000-026: LogObject
  - 10000-110: Asset Management Basics
  - 10000-120: XML Data Type Mapping
  - 10000-200: Industrial Automation - Basics
  - 10000-210: Industrial Automation - Relative Spatial Location
  - Code Generators
  - ModelValidator
  - Feature Requests
  - NodeSets, XSDs and Generated Code
  - Website
  - IOP App
  - Online Reference
  - Profiles Application
  - Teams
  - Whitepapers - 22***
  - OPC-11030: UA Modelling Best Practices
  - Wireshark plug-in
anonymous

ID	Project	Category	View Status	Date Submitted	Last Update

0010548	10000-002: Security	Spec	public	2025-10-06 03:43	2025-10-07 15:40

Reporter	Paul Hunkar	Assigned To	Jim Luth
Priority	normal	Severity	minor	Reproducibility	have not tried
Status	acknowledged	Resolution	open
Product Version	1.05.06

Summary	0010548: interpretation of 62443 CR 3.3 & CR 3.9
Description	The 62443 security requirement described in CR 3.3 - Security Functionality Verification - should be discussed and a determination of how much of what it is requiring OPC UA meets for CR 3.9 Protection of audit information - does this mean on at rest or does it include transmission - also how does new LogObject factor in? Again discussion for Security group Also should look at all, with regards to LogObject addition (related to Audit event logging)
Tags	sg.Security

Commit Version
Fix Due Date

Date Modified	Username	Field	Change
2025-10-06 03:43	Paul Hunkar	New Issue
2025-10-07 15:39	Jim Luth	Assigned To	=> Jim Luth
2025-10-07 15:39	Jim Luth	Status	new => acknowledged
2025-10-07 15:40	Jim Luth	Note Added: 0023448
2025-10-07 15:40	Jim Luth	Tag Attached: sg.Security