← Home

IEC 62443-3-3 Clause 10 – Timely Response to Events

ISA/IEC 62443-3-3, Clause 10 defines Foundational Requirement FR 6 (TRE) and the associated system requirements (SRs) and requirement enhancements (REs) used when claiming Security Level capability for this FR.

Detect security violations, notify the right authority, preserve forensic evidence and support timely corrective action.

Teaching note: Summaries paraphrase ISA/IEC 62443-3-3 for learning. They are not verbatim extracts — always use the published standard for normative wording, RE text and SL mappings (see Annex B).

Reference: ISA/IEC 62443-3-3, Clause 10
Related: Foundational Requirements overview | FR / SL Vector | Annex B mapping | Security Levels

FR pages: FR 1 | FR 2 | FR 3 | FR 4 | FR 5 | FR 6 | FR 7


Purpose

Detect security violations, notify the right authority, preserve forensic evidence and support timely corrective action.

Requirement enhancements under each SR raise the capability needed for higher SL-C(TRE) claims. Exact RE text and which SL columns they populate are in the standard and Annex B.


System requirements in this FR


SR summaries

SR 6.1: Audit log accessibility

Reference: ISA/IEC 62443-3-3, Clause 10 (SR 6.1)

Summary
Audit logs shall be accessible to authorised personnel for review/analysis without undermining control essential functions.

SR 6.2: Continuous monitoring

Reference: ISA/IEC 62443-3-3, Clause 10 (SR 6.2)

Summary
Security-relevant activity shall be continuously monitored (or at defined frequency rising with SL) with alerting on anomalies.

Key takeaways