Description of 21/30404115 DC 2021

This document specifies cybersecurity requirements for new lifts, escalators and moving walks, later in this document called as EUC (Equipment Under Control) designed according to ISO 8100 series and may be applied to other lift, escalator, and moving walk standards that specify similar requirements. This document may be applied to other lift-related equipment connected to the EUC.

This document covers product and system requirements related to cybersecurity threats in following life cycle steps:

• product development (process and product requirements);

• manufacturing;

• installation;

• operation and maintenance;

• decommissioning.

This document addresses the roles of product supplier and system integrator as shown in IEC 62443-4-1 Figure 2 for the EUC.

This document does not address the role of asset owner as shown in IEC 62443-4-1 Figure 2 , but defines requirements for the product supplier and system integrator of the EUC to establish documentation allowing the asset owner, referred to as EUC owner in this document, to achieve and maintain the security level.

This document gives minimum cybersecurity requirements for

• essential functions;

• safety functions;

• alarm functions.

This document covers EUCs capable of connectivity, either through equipment permanently available on site, or equipment temporarily brought to the location during the installation, operation and maintenance, or decommissioning steps.

EUC interfaces to external systems and services are in the scope of this document. However, the external systems and services as such are out of the scope.

This document is not applicable to EUC, which are installed before the date of its publication.

About BSI

BSI Group, also known as the British Standards Institution is the national standards body of the United Kingdom. BSI produces technical standards on a wide range of products and services and also supplies certification and standards-related services to businesses.