Ensuring the safety and security of industrial control systems

September 2015 Editor's Choice IT in Manufacturing

Process safety and cyber security are distinctly different disciplines, but there is growing realisation that they are related.

Specifically, today’s industrial organisations face the common imperative of determining the appropriate response for each combination of desired security and safety for various parts of their industrial control systems.

International standards committees such as ISA84 and ISA99 are collaborating to develop information in this area that will appear in their respective standards (ISA84 and ISA-62443). In the meantime, preliminary guidance is available, as well as opportunities for stakeholders to help shape this discussion.

Current situation

Safe and reliable operation is an imperative for industrial processes. Operations personnel often refer to safety as “priority one, two and three.” As a result, process safety has become an established discipline in industry. Standards and practices available in the ISA84 and IEC 61511 series provide requirements for specifying, designing, installing, operating, and maintaining a safety instrumented system (SIS). These provide a high degree of confidence that the SIS can maintain or place a process in a safe state. Certification is also available for safety-related systems.

Clearly, cyber security is also essential for safe industrial operations. Most industrial facilities employ a variety of IT-based products within systems designed to control and protect dangerous processes and equipment. It is essential to protect these systems from cyber security related threats that could potentially impact the operations and information security of an industrial facility. The ISA/IEC 62443 series of standards and practices defines requirements and procedures for implementing electronically secure manufacturing and control systems, for security practices, and for assessing electronic security performance. Several cyber security-related compliance specifications are also available.

Inadequate security can compromise safety

As these standards are applied, there is a growing acceptance of the fact that a cyber security-related compromise in the operation of industrial control systems can undermine the basic assumptions used in the design of safety systems and procedures for operation and maintenance. This distinguishes industrial cyber security deliberations from those used for IT programs, which focus on confidentiality and privacy.

Complementary but distinct perspectives

The process safety and cyber security disciplines each have specific perspectives on the challenges associated with the design of industrial control and safety systems.

Industrial control systems are designed for safe operation. Designers perform extensive hazard analyses and safety systems are deployed to limit the impact of operator errors, device failures, and control malfunctions.

The cyber security perspective includes consideration and analysis of new, non-deterministic challenges associated with the information and communications technologies that are at the heart of modern control systems. Protecting IT-based control and safety equipment generally requires special products and compensatory controls. Training automation personnel to use and maintain this new technology is another hurdle that must be overcome.

While distinct, these perspectives are complementary in that they both focus on achieving safe and reliable operations. This 'shared vision' forms the basis for collaboration between these disciplines.

A coordinated response

The recognition and understanding of this shared vision has led to increased collaboration and coordination between these disciplines.

This collaboration takes many forms. Several companies that were previously focused on process safety related services have expanded their offerings to include a parallel set of cyber security services. The committees responsible for the ISA84 (process safety) and ISA/IEC-62443 (cyber security) standards have aligned working groups addressing the overlap between security and safety. In the International Electrotechnical Commission (IEC), an ad hoc group is currently investigating options for addressing this subject.

These and other efforts have identified specific areas where safety and security are related.

Risk assessment and response

Whether addressing safety or security, it is first necessary to identify the specific risks as well as the approaches for their mitigation.

Process safety experts have extensive experience using methods such as process hazard analysis (PHA) and layers of protection analysis (LOPA) when designing safety-related systems. Designing secure systems also requires an analysis of hazards, followed by the application of defence-in-depth and system segmentation, similar in concept to LOPA.

Each of the above processes is applied within the context of a relevant life cycle for the system under consideration. Recent work by the ISA84 and ISA99 committees has resulted in the development of a common version of this life cycle that can be used for both safety and security-related analysis. A technical report on this topic is currently available from the ISA84 committee; it will form part of the description of the life cycle as a fundamental concept at the foundation of the ISA/IEC-62443 standards.

Safety integrity and security levels

Another area of similarity between the safety and cyber security-related disciplines is the use of levels to identify the degree of response required in a specific situation. The safety integrity level (SIL) concept is well established and described in the ISA84 and IEC 61511 standards.

The concept of security levels is fundamental to applying the ISA/IEC 62443 standards for cyber security. However, because of the lack of determinism in cyber security-related threats, these levels are more qualitative than those used for describing safety.

It is now possible to establish a formal relationship between safety and security levels and consider them together to determine the design and operations measures required. This is also an area of common focus between these two disciplines.

For more information contact Paul Miller, ARC Advisory Group, +1 781 471 1141, pmiller@arcweb.com, www.arcweb.com
© Technews Publishing (Pty) Ltd | All Rights Reserved