Institute of Measurement and Control. Functional Safety 2016
Page 7
Stakeholders should also seek to address the following SIS-specific recommendations, many of which
leverage the synergies that exist between security and safety:
· Including the security requirements in the Safety Requirement Specification (SRS)
· Linking the security risk assessment into the process hazard analysis
· The personnel responsible for cyber security should be engaged during each phase of the SIS lifecycle.
· The organization responsible for safety should be involved during each phase of the security lifecycle.
· Safety Manuals should document security countermeasures.
· The SIS vendor should supply security concepts.
· The SIS should be designed with a defence-in-depth strategy.
· Cyber security risks due to the BPCS / SIS integration should be considered.
· Any events associated with the SIS security countermeasures should be logged and continuously monitored.
· A documented plan should be in place that specifies how intrusions are addressed and responded to.
· The SIS system software and the cyber security protection software should be updated as needed. When SIS workstations are updated, an authorized person should be present.
· Back-up and restoration means and procedures for all SIS network configurations should be in place and tested.
· Remote Access
· Guidance on how to implement remote access for the SIS.
How useful is Certification in achieving safety & security?
Third-party certification is used as a tool to help demonstrate compliance with the relevant standards,
and its use is commonplace in functional safety. This is increasingly the case for security as well. BPCS
and SIS vendors are increasingly offering products certified by third parties and using certification of
practices to help demonstrate that safety and security are being addressed both at product level and
in engineered solutions. This can certainly be helpful, but it is not simply a case of selecting the right
components, as can be seen from the list of recommendations above.
Concept of “Defence in Depth” for Industrial Security
Defence in depth is a security strategy in which several layers of defence wrap around the system to
be protected, in this case the automation system, like the layers of an onion's skin. Implementing
defence in depth requires a combination of different security measures.
Physical and organizational security measures are summarized under the heading "Plant Security".
Measures concerning the security cells, such as forming security cells, securing access points and
securing the communication between different security cells, are summarized under the heading
"Network Security".
Measures such as "system hardening", "user and patch management" and "malware detection &
prevention" are summarized under the heading "Integrity Protection" or "Endpoint Protection".
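As an added illustration (not from the paper or any vendor product) of how the "Network Security" layer described above can be checked, and of the earlier recommendation that events touching the SIS countermeasures be logged and monitored, the following Python script models three security cells with approved conduits between them and audits a set of constructed flow records against that model. The cell address ranges, conduits and flows are all assumed sample values.

```python
"""Audit observed network flows against a security-cell / conduit model.

Constructed example: cells BPCS, SIS and ENG with a small whitelist of
conduits. A flow that crosses a cell boundary outside an approved conduit
is reported as a violation record suitable for logging and monitoring."""
from dataclasses import dataclass
import ipaddress

# Assumed cell address ranges (sample values, not from any real plant).
CELLS = {
    "BPCS": ipaddress.ip_network("10.1.0.0/24"),
    "SIS": ipaddress.ip_network("10.2.0.0/24"),
    "ENG": ipaddress.ip_network("10.3.0.0/24"),
}

# Approved conduits between cells: (source cell, destination cell, proto, port).
CONDUITS = {
    ("BPCS", "SIS", "tcp", 502),  # BPCS reads SIS status over Modbus/TCP
    ("ENG", "SIS", "tcp", 443),   # engineering access via the secured access point
}

@dataclass(frozen=True)
class Flow:
    src: str
    dst: str
    proto: str
    port: int

def cell_of(addr):
    """Map an IP address to its security cell, or UNKNOWN if outside all cells."""
    ip = ipaddress.ip_address(addr)
    for name, net in CELLS.items():
        if ip in net:
            return name
    return "UNKNOWN"

def evaluate(flow):
    """Classify a flow as intra-cell, permitted (approved conduit) or violation."""
    s, d = cell_of(flow.src), cell_of(flow.dst)
    if s == d and s != "UNKNOWN":
        return "intra-cell"
    if (s, d, flow.proto, flow.port) in CONDUITS:
        return "permitted"
    return "violation"

def audit(flows):
    """Return one log-style record per violating flow (empty list if none)."""
    return [f"cell-boundary violation: {cell_of(f.src)}({f.src}) -> "
            f"{cell_of(f.dst)}({f.dst}) {f.proto}/{f.port}"
            for f in flows if evaluate(f) == "violation"]

# Constructed sample flows, e.g. exported from a cell boundary firewall.
SAMPLE_FLOWS = [
    Flow("10.1.0.10", "10.2.0.5", "tcp", 502),   # permitted conduit
    Flow("10.2.0.5", "10.2.0.6", "tcp", 502),    # stays inside the SIS cell
    Flow("10.1.0.10", "10.2.0.5", "tcp", 22),    # SSH from BPCS into SIS: violation
    Flow("192.168.9.9", "10.2.0.5", "tcp", 443), # source outside any cell: violation
    Flow("10.3.0.2", "10.2.0.5", "tcp", 443),    # permitted engineering access
]

if __name__ == "__main__":
    for record in audit(SAMPLE_FLOWS):
        print(record)
```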