Industry | December 2025 | 7 min read

IEC 62443: where the standard meets a hardware switch

IEC 62443 was written for the kind of control AirGapNet provides. This post covers which System Requirements (SRs) a relay contributes to, which it does not, and how integrators wire it into the conformity narrative.

IEC 62443 was written for the kind of control AirGapNet provides — but the device contributes to specific SRs; it does not certify the operator's program.

Section 01

The standard's vocabulary

IEC 62443 organizes industrial security around zones (groups of assets that share security requirements) and conduits (the network paths that connect them). Each conduit is assigned a target security level (SL-T) that drives what controls it should carry. The standard is explicit that conduits can be physical, logical, or both.

This is useful for talking about AirGapNet, because the device is unambiguously a conduit-level control. A relay on a line between two zones is the line itself — there is no abstraction between the standard's term and the physical reality.

Section 02

Which SRs the device contributes to

Several System Requirements (SRs) under 62443 describe controls that physical isolation contributes to directly. Network segmentation SRs explicitly accommodate physical separation as one fulfilment path. Zone boundary protection is where a default-closed relay does the most direct work. Audit log accessibility is supported by the device's own state-transition log.

The contribution is conduit-shaped: the relay enforces the existence of the path during defined windows, and the device's audit log records the state transitions. The integrator's job is to map that into the zone/conduit document and the SL-T justification — the device does not do that mapping itself.

  • Network segmentation

    Physical separation is one accepted fulfilment path for segmentation between zones with different security levels.

  • Zone boundary protection

    A default-closed relay on the conduit is a strong implementation of boundary protection — the path is absent outside defined windows.

  • Audit log accessibility

    The local relay state log captures conduit-level events without depending on a central log collector.

  • Configuration settings

    Schedule and window definitions sit at the conduit, not in a software policy that is prone to configuration drift.

Section 03

Which SRs the device does not address

62443 covers a wide surface, most of which lives above the conduit. Identification and authentication of human users live in the asset and the integrator's IAM. Use control is application-layer. System integrity is on the assets in the zone, not on the conduit.

The conservative read is: the relay contributes to network-segmentation and zone-boundary SRs, and the device log contributes to audit-trail SRs. Everything else is somewhere else in the architecture — and the device does not pretend to address it.

Section 04

Mapping in practice

When integrators document a 62443 conformity assessment, the zone-and-conduit map is the central artefact. AirGapNet appears in that map as a conduit-level control with an associated SL-T and a referenced device log. The integrator's narrative explains why the chosen control is sufficient for the target security level on that conduit.

We publish the per-SR mapping on /compliance for the same purpose: so the integrator does not have to reverse-engineer what AirGapNet contributes against the standard. The mapping is a starting point, not the entire compliance answer — but it removes the most time-consuming part of writing it from scratch.
