Subscribe to be notified for updates: RSS Feed

Edward M. Marszal

President and CEO, Kenexis Consulting Corporation

Inherent Safety Against Cyber Attack for Process Facilities

Functional Safety & SIS

Abstract: Process plants, including oil and gas production facilities, need to be protected against physical consequences generated from cyber-attack. While a lot of effort has been placed on securing the computer systems themselves, the design of the facility is often ignored, but is the most important component of the defense against cyber-attack. It is possible to build plants that are inherently safe against cyber-attack by designing in systems and safeguards – such as relief valves and current overload relays – that are not vulnerable to this threat vector. This paper will review the most common methods for process hazards analysis (PHA) of process industry plants, and then supplement those methods with a "cyber review". The purpose of the cyber review is to determine if there are any cyber-attack vectors that can cause significant physical damage to the facility, and if so, make recommendations for modifying one or more of the safeguards in a cyber-vulnerable vector so that they are not vulnerable to cyber-attack. The approach that will be discussed includes analysis of the causes of safety incidents, the safeguards that prevent the causes from resulting in consequences, and the magnitude of the consequences that might result from the realization of these hazards. The discussion will include a case study from the oil and gas industry where a Hazards and Operability (HAZOP) study was assessed using a PHA cyber review in order to determine whether or not the facility was inherently cyber-safe, and if not, make recommendations for design modifications that would make the facility cyber-safe.

Copyright 2013 DMS Global - Design by DMS Cybernation