Pregunta formulada el pasado 29 de noviembre en la Jornada del Sector de la Elevación y respondida por la ponente Isabel Linares, Responsable de negocio Industria y Equipamiento Head of Industry & Equipment Asociación Española de Normalización – UNE
1.- En lo que respecta a AI y seguridad funcional a continuación se indican las tres normas técnicas publicadas:
ISO/IEC TR 5469:2024 – Artificial intelligence — Functional safety and AI systems
Abstract:
This document describes the properties, related risk factors, available methods and processes relating to:
— use of AI inside a safety related function to realize the functionality;
— use of non-AI safety related functions to ensure safety for an AI controlled equipment;
— use of AI systems to design and develop safety related functions.
ISO/IEC AWI TS 22440 – Artificial intelligence — Functional safety and AI systems — Requirements
Abstract:
This document provides requirements and guidance on the terminology, properties, risk factors, processes, methods, techniques and architectures relating to: – use of AI technology within a safety-related function; – use of safety-related function based on conventional technology to ensure safety of a system using AI technology; – use of AI technology to design, develop and verify safety-related functions. This document includes general considerations on how security threats can affect safety of an AI system. Unless differently specified, this document is applicable to all types of AI technologies. It includes specific details on machine learning (ML).
Abstract:
This document provides requirements and guidance on the terminology, properties, risk factors, processes, methods, techniques and architectures relating to: ¾ use of AI technology within a safety-related function; ¾ use of safety-related function based on conventional technology to ensure safety of a system using AI technology; ¾ use of AI technology to design, develop and verify safety-related functions. This document includes general considerations on how security threats can affect safety of an AI system. Unless differently specified, this document is applicable to all types of AI technologies. It includes specific details on machine learning (ML).
2.- En lo relativo a los comités nacionales que actualmente están activos para los temas de digitalización, conectividad y ciberseguridad son los siguientes:
– Digitalización y conectividad
Aunque es muy difícil concretar porque son muchas cosas, a continuación se indica lo que podría ser de interés para la elevación:
IoT: CTN-UNE 71/SC 41 “IoT y Gemelos digitales”, elabora normas genéricas.
Para aplicaciones concretas y cada comité de producto debería elaborar las suyas.
IA, Inteligencia artificial: CTN-UNE 71/SC 42 “Inteligencia artificial y big data”
Este comité aplicaría si se va a utilizar IA para seguridad de los ascensores, por ejemplo.
– Ciberseguridad
El comité nacional es:
-
- CTN-UNE 320 “Ciberseguridad y protección de datos personales” elabora todas las normas horizontales.
- CTN_UNE 321 “Ascensores, escaleras mecánicas y andenes móviles”
Para el sector de la elevación tenemos publicada la Norma ISO 8102-20:2022 – Electrical requirements for lifts, escalators and moving walks — Part 20: Cybersecurity
Abstract:
This document specifies cybersecurity requirements for new lifts, escalators and moving walks, referred to in this document as “equipment under control (EUC)”, designed in accordance with the ISO 8100 series. It is also applicable with other lift, escalator and moving walk standards that specify similar requirements, and to other lift-related equipment connected to the EUC.
This document specifies product and system requirements related to cybersecurity threats in the following lifecycle steps:
— product development (process and product requirements);
— manufacturing;
— installation;
— operation and maintenance;
— decommissioning.
This document addresses the roles of product supplier and system integrator as shown in IEC 62443-4-1:2018, Figure 2, for the EUC.
This document does not address the role of asset owner as shown in IEC 62443-4-1:2018, Figure 2, but defines requirements for the product supplier and system integrator of the EUC to establish documentation allowing the asset owner, referred to as the “EUC owner” in this document, to achieve and maintain the security of the EUC.
This document specifies the minimum cybersecurity requirements for:
— essential functions;
— safety functions;
— alarm functions.
This document is applicable to EUCs that are capable of connectivity to external systems such as building networks, cloud services, or service tools. The capability to connectivity can exist through equipment permanently available on site, or equipment temporarily brought to the location during the installation, operation and maintenance, or decommissioning steps.
EUC interfaces to external systems and services are in the scope of this document. External systems and services as such are out of the scope of this document.
This document does not apply to EUC that are installed before the date of its publication.
3.- Además, se adjunta el enlace a los Informes que pueden ser de interés general en este campo: