ARC Industry Forum Presentations Highlight the Value of Holistic Approach to Cybersecurity and Process Safety

Author photo: Larry O'Brien
ByLarry O'Brien
Category:
ARC Report Abstract

Overview

The worlds of process safety and cybersecurity are closely intertwined.  The recent malware incident, in which a process safety system was attacked by what is most likely a state-sponsored hacking group, provides further impetus to look at these two disciplines holistically. Process safety systems were never immune to the same types of malware and cyber-attacks that plague industrial control systems (ICS), they just weren’t an active target until now.

Cybersecurity and Process Safety Must be Addressed Proactively

Cyber vulnerabilities in process safety systems cannot be solved by simply applying cybersecurity cybersecurity and processlarrys%20procee%20cybersecurity.JPGproducts or solutions to these systems. As with process automation systems, cybersecurity must be addressed proactively throughout the lifecycle of the system.  The safety and cybersecurity disciplines can learn much from each other. The HAZOP and risk analysis typically performed in the process safety lifecycle, for example, could be applied to ICS cybersecurity.

At the recent ARC Industry Forum in Orlando, several presentations touched on different aspects of the convergence of cybersecurity and process safety. Standards organizations like ISA, IEC, Automation Federation and NIST are all addressing this topic.  As we saw in presentations by major end users, the recent TRITON attack on a Triconex safety system installed in the Middle East has also created an increased sense of urgency among end users that rely heavily on process safety systems as their last line of defense against a plant incident or unsafe shutdown.

ARC Advisory Group clients can view the complete report at ARC Main Client Portal or at ARC Office 365 Client Portal

If you would like to buy this report or obtain information about how to become a client, please Contact Us

Keywords: Cybersecurity, Process Safety, Risk Management, TRITON, HAZOP, ARC Advisory Group.

Engage with ARC Advisory Group

Representative End User Clients
Representative Automation Clients
Representative Software Clients