{"id":59974,"date":"2025-09-26T10:56:11","date_gmt":"2025-09-26T10:56:11","guid":{"rendered":"https:\/\/becolve.com\/blog\/building-a-reference-architecture-for-wonderware-system-platform-according-to-iec-62443\/"},"modified":"2025-09-26T10:56:11","modified_gmt":"2025-09-26T10:56:11","slug":"building-a-reference-architecture-for-wonderware-system-platform-according-to-iec-62443","status":"publish","type":"blog","link":"https:\/\/becolve.com\/en\/blog\/building-a-reference-architecture-for-wonderware-system-platform-according-to-iec-62443\/","title":{"rendered":"Building a Reference Architecture for Wonderware System Platform According to IEC 62443"},"content":{"rendered":"<p class=\"p1\">In the <strong><a href=\"https:\/\/www.ciberseguridadlogitek.com\/desmontando-la-iec-62443\/\" target=\"_blank\" rel=\"noopener noreferrer\">previous post on our Industrial Cybersecurity website<\/a><\/strong>, we saw the <strong>basic concepts defined in IEC 62443<\/strong>, which will help us build interconnected, organized, hierarchical network architectures with easier protection.<\/p>\n<p class=\"p1\">In this post, we will see where <strong>the different Wonderware-System Platform applications<\/strong> fit within the IEC62443 levels to build a reference architecture.<\/p>\n<h2 class=\"p1\"><b>Main Components of Wonderware System Platform<\/b><\/h2>\n<p class=\"p1\">One of the <strong>main advantages of System Platform is its scalability:<\/strong> it allows you to create different architectures to adapt to the needs or sizes of the infrastructures it intends to supervise and control. Its high degree of adaptability is largely due to the fact that System Platform is made up of a set of <strong>software pieces, interrelated<\/strong> with each other, which can be installed, or not, on one or more computers. <\/p>\n<p class=\"p1\">In general, it is common to use the following <strong>System Platform roles:<\/strong><\/p>\n<p><img loading=\"lazy\" decoding=\"async\" class=\"aligncenter size-full wp-image-12212\" src=\"https:\/\/becolve.com\/wp-content\/uploads\/2023\/04\/Captura-de-pantalla-2020-04-21-a-las-16.43.09.png\" alt=\"\" width=\"854\" height=\"428\"><\/p>\n<p class=\"p1\">Other software pieces can be installed on the <strong>ArchestrA platform of Wonderware System Platform<\/strong> to convert process information into useful information for decision-making and to maximize the exploitation of process data <strong>(Wonderware Intelligence, AEMES, Wonderware InBatch, Wonderware Recipe Manager Plus, and many more).<\/strong><\/p>\n<p class=\"p1\">From an architectural point of view, all these <strong>software pieces are composed<\/strong> of:<\/p>\n<ul class=\"ul1\">\n<li class=\"li1\">Databases.<\/li>\n<li class=\"li1\">Executables, code libraries, etc. Software that manipulates that data. <\/li>\n<li class=\"li1\">Web portal for integration with various types of clients.<\/li>\n<li class=\"li1\">Reports.<\/li>\n<\/ul>\n<h2 class=\"p1\"><b>Identifying Security Zones of IEC 62443<\/b><\/h2>\n<p class=\"p1\">As we have seen, Wonderware System Platform is composed of different software pieces that are installed to adapt to the environment that needs to be supervised. These \u201cpieces\u201d have different purposes or roles, so it makes sense for them to be in different IEC62443 Zones and thus adapt to their particular security requirements: <\/p>\n<ul class=\"ul1\">\n<li class=\"li1\"><b>Infrastructure<\/b> Zone: Zone for the general servers necessary for the operation of the entire platform. They do not have to be Wonderware servers, for example, unified user management servers, time server, log server, remote desktop services server, etc. <\/li>\n<li class=\"li1\"><b>Development\/Pre-production<\/b> Zone: Zone where changes are developed and\/or tested before being put into production. In this zone would be the computers with the IDE and GR of the Wonderware environment, in addition to other applications that are linked to the development. The existence of this zone allows controlling that only developers can access these services.  <\/li>\n<li class=\"li1\">Wonderware shared <b>Servers<\/b> Zone: Zone where the different Wonderware servers with roles necessary for the operation of the real-time platform would be located, but where there is practically no human interaction: Historian, AOS, Intouch application server, Intelligence, etc.<\/li>\n<li class=\"li1\"><b>Supervision<\/b> Zone: Zone where the supervision equipment would be located, such as equipment that connects to application servers or equipment with Intouch installed. As this equipment will be manipulated by humans, it is logical to think that its security requirements are different from the rest of the equipment and therefore they are located in a separate zone. <\/li>\n<li class=\"li1\">Production <b>cell<\/b> Zones: Zones where the different process zones are located and where equipment with the role of AOS can be installed for data collection <span class=\"Apple-converted-space\"> <\/span>with minimal latency.<\/li>\n<li class=\"li1\"><b>Remote Access<\/b> Zone: Zone intended to host the assets intended to expose industrial services to those clients who require to view process data WITHOUT them being able to connect to industrial networks (e.g. Intouch Access Anywhere Secure Gateway, RDS Gateway, Historian T2, Windows Patching Server, Antimalware Server, &#8230;).<\/li>\n<\/ul>\n<h2 class=\"p1\"><b>Identifying the Levels of the IEC 62443 Reference Model<\/b><\/h2>\n<p class=\"p2\">Analogously to the previous point, we can classify the roles of AVEA System Platform in the different levels specified in IEC62443:<\/p>\n<h2><img loading=\"lazy\" decoding=\"async\" class=\"aligncenter size-full wp-image-12214\" src=\"https:\/\/becolve.com\/wp-content\/uploads\/2023\/04\/Captura-de-pantalla-2020-04-21-a-las-16.52.22.png\" alt=\"\" width=\"791\" height=\"237\"><\/h2>\n<h2 class=\"p1\"><b>Reference Architecture of AVEVA System Platform<\/b><\/h2>\n<p class=\"p2\">Joining the classifications of AVEA-SP components in levels and zones of IEC 62443, we can represent the reference architecture as follows:<\/p>\n<p><img loading=\"lazy\" decoding=\"async\" class=\"aligncenter wp-image-12215\" src=\"https:\/\/becolve.com\/wp-content\/uploads\/2023\/04\/MKT-ICY-SERVICES-1-PostIEC62443-2-Arquitectura-WW.png\" alt=\"\" width=\"700\" height=\"1291\"><\/p>\n<p>&nbsp;<\/p>\n<p>&nbsp;<\/p>\n","protected":false},"excerpt":{"rendered":"<p>In this post, we will see where the different Wonderware-System Platform applications fit within the IEC62443 levels to build a reference architecture.<\/p>\n","protected":false},"author":31,"featured_media":59979,"menu_order":0,"template":"","categories":[1371],"tags":[1416,1417],"arquitectura":[1839],"area":[],"sector":[],"experto":[1396],"weborigen":[93],"productos-tax":[114],"soluciones-tax":[1372],"marcas-tax":[],"coauthors":[434],"class_list":["post-59974","blog","type-blog","status-publish","has-post-thumbnail","hentry","category-cybersecurity","tag-isid","tag-network-monitoring-and-analysis","arquitectura-industrial-cybersecurity","experto-industrial-cybersecurity-total-availability","weborigen-wonderware-es","productos-tax-ciara","soluciones-tax-risk-assessment"],"acf":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.1.1 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>Building a reference architecture for Wonderware System Platform according to IEC 62443<\/title>\n<meta name=\"description\" content=\"In this post, we will see where the different Wonderware-System Platform applications fit within the IEC62443 levels to build a reference architecture.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/becolve.com\/en\/blog\/building-a-reference-architecture-for-wonderware-system-platform-according-to-iec-62443\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Building a reference architecture for Wonderware System Platform according to IEC 62443\" \/>\n<meta property=\"og:description\" content=\"In this post, we will see where the different Wonderware-System Platform applications fit within the IEC62443 levels to build a reference architecture.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/becolve.com\/en\/blog\/building-a-reference-architecture-for-wonderware-system-platform-according-to-iec-62443\/\" \/>\n<meta property=\"og:site_name\" content=\"Becolve Digital\" \/>\n<meta property=\"og:image\" content=\"https:\/\/becolve.com\/wp-content\/uploads\/2023\/04\/arquitectura-ciberseguridad.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"1280\" \/>\n\t<meta property=\"og:image:height\" content=\"743\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:site\" content=\"@Logitek_es\" \/>\n<meta name=\"twitter:label1\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data1\" content=\"3 minutes\" \/>\n\t<meta name=\"twitter:label2\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data2\" content=\"Becolve Digital\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"WebPage\",\"@id\":\"https:\/\/becolve.com\/en\/blog\/building-a-reference-architecture-for-wonderware-system-platform-according-to-iec-62443\/\",\"url\":\"https:\/\/becolve.com\/en\/blog\/building-a-reference-architecture-for-wonderware-system-platform-according-to-iec-62443\/\",\"name\":\"Building a reference architecture for Wonderware System Platform according to IEC 62443\",\"isPartOf\":{\"@id\":\"https:\/\/becolve.com\/en\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/becolve.com\/en\/blog\/building-a-reference-architecture-for-wonderware-system-platform-according-to-iec-62443\/#primaryimage\"},\"image\":{\"@id\":\"https:\/\/becolve.com\/en\/blog\/building-a-reference-architecture-for-wonderware-system-platform-according-to-iec-62443\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/becolve.com\/wp-content\/uploads\/2023\/04\/arquitectura-ciberseguridad.jpg\",\"datePublished\":\"2025-09-26T10:56:11+00:00\",\"description\":\"In this post, we will see where the different Wonderware-System Platform applications fit within the IEC62443 levels to build a reference architecture.\",\"breadcrumb\":{\"@id\":\"https:\/\/becolve.com\/en\/blog\/building-a-reference-architecture-for-wonderware-system-platform-according-to-iec-62443\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/becolve.com\/en\/blog\/building-a-reference-architecture-for-wonderware-system-platform-according-to-iec-62443\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/becolve.com\/en\/blog\/building-a-reference-architecture-for-wonderware-system-platform-according-to-iec-62443\/#primaryimage\",\"url\":\"https:\/\/becolve.com\/wp-content\/uploads\/2023\/04\/arquitectura-ciberseguridad.jpg\",\"contentUrl\":\"https:\/\/becolve.com\/wp-content\/uploads\/2023\/04\/arquitectura-ciberseguridad.jpg\",\"width\":1280,\"height\":743},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/becolve.com\/en\/blog\/building-a-reference-architecture-for-wonderware-system-platform-according-to-iec-62443\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/becolve.com\/en\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Blog Items\",\"item\":\"https:\/\/becolve.com\/en\/blog\/\"},{\"@type\":\"ListItem\",\"position\":3,\"name\":\"Building a Reference Architecture for Wonderware System Platform According to IEC 62443\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/becolve.com\/en\/#website\",\"url\":\"https:\/\/becolve.com\/en\/\",\"name\":\"Becolve Digital\",\"description\":\"Transformaci\u00f3n digital en industria e infraestructuras\",\"publisher\":{\"@id\":\"https:\/\/becolve.com\/en\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/becolve.com\/en\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/becolve.com\/en\/#organization\",\"name\":\"Becolve Digital\",\"url\":\"https:\/\/becolve.com\/en\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/becolve.com\/en\/#\/schema\/logo\/image\/\",\"url\":\"https:\/\/becolve.com\/wp-content\/uploads\/2023\/04\/becolve-logo-h-black_200.png\",\"contentUrl\":\"https:\/\/becolve.com\/wp-content\/uploads\/2023\/04\/becolve-logo-h-black_200.png\",\"width\":200,\"height\":64,\"caption\":\"Becolve Digital\"},\"image\":{\"@id\":\"https:\/\/becolve.com\/en\/#\/schema\/logo\/image\/\"},\"sameAs\":[\"https:\/\/x.com\/Logitek_es\",\"https:\/\/www.linkedin.com\/company\/becolve-digital\/\"]}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Building a reference architecture for Wonderware System Platform according to IEC 62443","description":"In this post, we will see where the different Wonderware-System Platform applications fit within the IEC62443 levels to build a reference architecture.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/becolve.com\/en\/blog\/building-a-reference-architecture-for-wonderware-system-platform-according-to-iec-62443\/","og_locale":"en_US","og_type":"article","og_title":"Building a reference architecture for Wonderware System Platform according to IEC 62443","og_description":"In this post, we will see where the different Wonderware-System Platform applications fit within the IEC62443 levels to build a reference architecture.","og_url":"https:\/\/becolve.com\/en\/blog\/building-a-reference-architecture-for-wonderware-system-platform-according-to-iec-62443\/","og_site_name":"Becolve Digital","og_image":[{"width":1280,"height":743,"url":"https:\/\/becolve.com\/wp-content\/uploads\/2023\/04\/arquitectura-ciberseguridad.jpg","type":"image\/jpeg"}],"twitter_card":"summary_large_image","twitter_site":"@Logitek_es","twitter_misc":{"Est. reading time":"3 minutes","Written by":"Becolve Digital"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"WebPage","@id":"https:\/\/becolve.com\/en\/blog\/building-a-reference-architecture-for-wonderware-system-platform-according-to-iec-62443\/","url":"https:\/\/becolve.com\/en\/blog\/building-a-reference-architecture-for-wonderware-system-platform-according-to-iec-62443\/","name":"Building a reference architecture for Wonderware System Platform according to IEC 62443","isPartOf":{"@id":"https:\/\/becolve.com\/en\/#website"},"primaryImageOfPage":{"@id":"https:\/\/becolve.com\/en\/blog\/building-a-reference-architecture-for-wonderware-system-platform-according-to-iec-62443\/#primaryimage"},"image":{"@id":"https:\/\/becolve.com\/en\/blog\/building-a-reference-architecture-for-wonderware-system-platform-according-to-iec-62443\/#primaryimage"},"thumbnailUrl":"https:\/\/becolve.com\/wp-content\/uploads\/2023\/04\/arquitectura-ciberseguridad.jpg","datePublished":"2025-09-26T10:56:11+00:00","description":"In this post, we will see where the different Wonderware-System Platform applications fit within the IEC62443 levels to build a reference architecture.","breadcrumb":{"@id":"https:\/\/becolve.com\/en\/blog\/building-a-reference-architecture-for-wonderware-system-platform-according-to-iec-62443\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/becolve.com\/en\/blog\/building-a-reference-architecture-for-wonderware-system-platform-according-to-iec-62443\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/becolve.com\/en\/blog\/building-a-reference-architecture-for-wonderware-system-platform-according-to-iec-62443\/#primaryimage","url":"https:\/\/becolve.com\/wp-content\/uploads\/2023\/04\/arquitectura-ciberseguridad.jpg","contentUrl":"https:\/\/becolve.com\/wp-content\/uploads\/2023\/04\/arquitectura-ciberseguridad.jpg","width":1280,"height":743},{"@type":"BreadcrumbList","@id":"https:\/\/becolve.com\/en\/blog\/building-a-reference-architecture-for-wonderware-system-platform-according-to-iec-62443\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/becolve.com\/en\/"},{"@type":"ListItem","position":2,"name":"Blog Items","item":"https:\/\/becolve.com\/en\/blog\/"},{"@type":"ListItem","position":3,"name":"Building a Reference Architecture for Wonderware System Platform According to IEC 62443"}]},{"@type":"WebSite","@id":"https:\/\/becolve.com\/en\/#website","url":"https:\/\/becolve.com\/en\/","name":"Becolve Digital","description":"Transformaci\u00f3n digital en industria e infraestructuras","publisher":{"@id":"https:\/\/becolve.com\/en\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/becolve.com\/en\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/becolve.com\/en\/#organization","name":"Becolve Digital","url":"https:\/\/becolve.com\/en\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/becolve.com\/en\/#\/schema\/logo\/image\/","url":"https:\/\/becolve.com\/wp-content\/uploads\/2023\/04\/becolve-logo-h-black_200.png","contentUrl":"https:\/\/becolve.com\/wp-content\/uploads\/2023\/04\/becolve-logo-h-black_200.png","width":200,"height":64,"caption":"Becolve Digital"},"image":{"@id":"https:\/\/becolve.com\/en\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/x.com\/Logitek_es","https:\/\/www.linkedin.com\/company\/becolve-digital\/"]}]}},"_links":{"self":[{"href":"https:\/\/becolve.com\/en\/wp-json\/wp\/v2\/blog\/59974","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/becolve.com\/en\/wp-json\/wp\/v2\/blog"}],"about":[{"href":"https:\/\/becolve.com\/en\/wp-json\/wp\/v2\/types\/blog"}],"author":[{"embeddable":true,"href":"https:\/\/becolve.com\/en\/wp-json\/wp\/v2\/users\/31"}],"version-history":[{"count":0,"href":"https:\/\/becolve.com\/en\/wp-json\/wp\/v2\/blog\/59974\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/becolve.com\/en\/wp-json\/wp\/v2\/media\/59979"}],"wp:attachment":[{"href":"https:\/\/becolve.com\/en\/wp-json\/wp\/v2\/media?parent=59974"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/becolve.com\/en\/wp-json\/wp\/v2\/categories?post=59974"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/becolve.com\/en\/wp-json\/wp\/v2\/tags?post=59974"},{"taxonomy":"arquitectura","embeddable":true,"href":"https:\/\/becolve.com\/en\/wp-json\/wp\/v2\/arquitectura?post=59974"},{"taxonomy":"area","embeddable":true,"href":"https:\/\/becolve.com\/en\/wp-json\/wp\/v2\/area?post=59974"},{"taxonomy":"sector","embeddable":true,"href":"https:\/\/becolve.com\/en\/wp-json\/wp\/v2\/sector?post=59974"},{"taxonomy":"experto","embeddable":true,"href":"https:\/\/becolve.com\/en\/wp-json\/wp\/v2\/experto?post=59974"},{"taxonomy":"weborigen","embeddable":true,"href":"https:\/\/becolve.com\/en\/wp-json\/wp\/v2\/weborigen?post=59974"},{"taxonomy":"productos-tax","embeddable":true,"href":"https:\/\/becolve.com\/en\/wp-json\/wp\/v2\/productos-tax?post=59974"},{"taxonomy":"soluciones-tax","embeddable":true,"href":"https:\/\/becolve.com\/en\/wp-json\/wp\/v2\/soluciones-tax?post=59974"},{"taxonomy":"marcas-tax","embeddable":true,"href":"https:\/\/becolve.com\/en\/wp-json\/wp\/v2\/marcas-tax?post=59974"},{"taxonomy":"author","embeddable":true,"href":"https:\/\/becolve.com\/en\/wp-json\/wp\/v2\/coauthors?post=59974"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}