Maintenance service activities typically begin after the system is deployed and handed over to the asset owner. This is aligned with the Operation and Maintenance phase of the IACS lifecycle.
“Maintenance service providers typically become responsible for cybersecurity-related activities after the asset owner takes ownership of the system, following handover.”
— ISA/IEC 62443-2-4:2015, Clause 4.2.3 – Transition and Handover
Prior to handover, integrators and product suppliers manage the system. Maintenance providers take over only post-commissioning.
[References:, ISA/IEC 62443-2-4:2015 – Clause 4.2.3, ISA/IEC 62443-1-1 – IACS lifecycle phases, ===========, , , , ]
Submit