Functional Safety at Your Plant Requires IT SecurityThe cyber security threat has expanded from its origins in the home and office PC environment into Industrial Control Systems. At the end of 2017, the world's first successful hacker attack on a safety instrumented system (SIS) was discovered. Malware in a programming station (PC) modified older Triconex safety instrumented systems manufactured by Schneider Electric during ongoing operation. To do this, the programming station was manipulated in such a way that the usual programming function was used to exchange a user program fragment in the Triconex SIS. This modification put the SIS into a safe state. We suspect that the aim of the attack was more than to simply stop the SIS. Rather, it can be assumed that this was supposed to result in a crash. This malware is known as "TRISIS" or "TRITON" (hereafter referred to as "TRISIS").
In this presentation, Sujith Panikkar of HIMA will explain that by looking at a wider solution, through a combination of functional safety and IT security, businesses ensure their overall safety.
The presentation will address three core questions:
- Can the “insecurity” of integrated control systems influence the functional safety of a plant?
- What needs to be protected?
- Can the principles developed for functional safety be applied to security?
With reference to the international standards IEC 61508 for functional safety, IEC 61511 for Safety instrumented Systems and IEC 62443 for cyber security the session will deliver a unique perspective and thinking on this very real, very modern threat.
