Architecting Safety using Cybersecurity Requirements and Assessments
Deploying and maintaining safe processes requires planning and the implementation of knowledge gained from previous tests and experiences. The field devices, controllers, servers, and other digitized safety equipment that communicate via Ethernet or wireless connections have increased dramatically. Additionally, vendors are rapidly deploying cloud-based services that are directly connected to process assets relied on for both monitoring and control. The earlier cybersecurity is considered in the process development process the safer it will be for people, the environment, and the process. This presentation will review cybersecurity considerations when planning safe operations. Attendees will be introduced to the ISA 62443 risk management process and high-level risk assessment data gathering that will fuel their information gathering requirements. The requirements for architecting and remotely accessing safety enclaves and assets will be outlined with consideration for possible cloud asset inclusions. The types and outputs from cybersecurity vulnerability assessments will be outlined to help each attendee understand how to plan and scope these critical reviews. By the end of the presentation each attendee will have a starting point for discussing cybersecurity concepts which will ultimately improve process safety on current and new process environments.
