Parekh, MithilWaedt, KarlTellabi, AsmaaReussner, Ralf H.Koziolek, AnneHeinrich, Robert2021-01-272021-01-272021978-3-88579-701-2https://dl.gi.de/handle/20.500.12116/34736Before the last decade, production units and its related systems were considered nearly as island systems and were managed as an air-gaped in their daily operations. Information and network security was not an issue because their plant's safety and continues operations have the highest priority. In the recent years, many initiatives like smart factories, adopting Industry 4.0, complex mesh of connected devices and data privacy have shifted paradigm of value chain and trust model in the production environment. By this means, state-of-the-art manufacturing environment demands for the comprehensive framework and holistic approach to address cybersecurity that affects reliability of plant operations. Therefore, few standards are gradually evolving and are extended in to this field. The ISA/IEC 62443 is one of the standard series addresses the Security of Industrial Automation and Control Systems (IACS) throughout their lifecycle. On the other hand, NIST Special Publication 800–82 is a Guide to Industrial Control Systems Security and follows NIST CSF to address OT security. As with Operational Technology (OT) requirements in general, also considering to security-related requirements as per ISA/IEC 62443, ask for more effort to deal with it later. Accordingly, bearing in mind, the need for security from the beginning of the system engineering processes reduces the overall effort and complexity during the lifecycle of OT systems. The corresponding paradigm is called Security by Design. This paper proposes on how high level foundational security requirements from ISA/IEC 62443 can be modelled using AutomationML (AML) tool and consequently explains on how easy is to integrate seamlessly that model during the design phase of engineering process.enOT securityAutomationMLISA/IEC 62443NISTSecurity modelling10.18420/inf2020_291617-5468