security level (indsutrial security) (SL)

In cryptography, the term security level( SL) is used for the performance of a cipher or a hash function.

The security level is used to compare security algorithms and helps to increase the security level in a hybrid cryptosystem. In IEC 62443, a security standard for industrial automation systems, there are two complementary security levels, the first showing attempts against misapplications and the second reflecting the security level in the life cycle. Among these there are the security levels SL-C, which stands for Capability, SL-T for Target, and SL-A for Achieved. A device or system can achieve security level SL-C if it is properly deployed and configured. SL-T is a target for a security level that results from the threat and risk analysis, and SL-A is a security level that can be achieved and measured in the overall system.

Such a security level is specified in bits. Here, n bits stand for a security level at which an attacker must perform 2exp n operations to crack the security level.

The IEC 62443 security standard consists of the following standard parts:

IEC 62443-1: General principles.

IEC 62443-2: Security requirements for operators and service providers

IEC 62443-3: Security requirements for automation systems

IEC 62443-4: Safety requirements for automation components.