CLC/FprTS 50491-7:2024

General requirements for Home and Building Electronic Systems (HBES) and Building Automation and Control Systems (BACS) - Part 7: IT security and data protection - User Guide CLC/FprTS 50491-7:2024

Scope

This Technical Specification provides guidance to set-up and manage/update a cybersecure HBES / BACS system
This document provides:
1) Categories of HBES / BACS networks related to cybersecurity updates (managed and unmanaged networks)
2) Risk assessment guide for the above-mentioned categories (at device level for both managed and unmanaged networks, at system level for managed ones only)

For manufacturers the document provides a classification scheme based on the security levels from existing standards (ETSI EN 303 645 , IEC 62443).
For installers, system integrators and other administrators of HBES/BACS this document provides
- a generic method for assessment of the security risk for each product in the perspective of the overall system. The result of the evaluation gives the minimum required security level on product level corresponding to the manufacturer classification above.
- A guide to select products to comply with the required security level.
- Best practice measures on the system security level.
- A guide to enhance the maturity level of the cyber security management process.