Abstract
Safety and security aspects consist of two different group of functional requirements for the control and protection systems. It is the reason why the analyses of safety and security shouldnt be integrated directly. The paper proposes extension of the currently used methods of functional safety analyses. It can be done with inclusion of the level of information security assigned to the technical system. The article addresses some important issues of the functional safety analysis, namely the safety integrity level (SIL) verification of distributed control and protection systems with regard to security aspects. A method based on quantitative and qualitative information is proposed for the SIL (IEC 61508, 61511) verification with regard of the evaluation assurance levels (EAL) (ISO/IEC 15408) and the security assurance levels (SAL) (IEC 62443).
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
1. Aaro R., Hansen G.K.: Reliability quantification of computer-based safety systems. An introduction to PDS. SINTEF Industrial Management. Report No. STF37 A97434, Trondheim (1997)
2. ANSI/ISA99.00.012007. Security for Industrial Automation and Control Systems. Part 1: Terminology, Concepts, and Models, (2007)
3. Barnert T., Piesik E., Śliwiński M.: Real-time simulator of agricultural biogas plant, Computers and Electronics in Agriculture 108, 1–11 (2014)
4. Barnert T., Kosmowski K.T., Śliwiński M.: Security aspects in verification of the safety integrity level of distributed control and protection systems. Journal of KONBIN, Air Force Institute of Technology, KONBIN 2008, Wrocaw. Warsaw. 150–176, (2008)
5. Barnert, T., Kosmowski, K.T., Śliwiński M. 2009. A knowledge-based approach for functional safety management. Taylor & Francis Group, European Safety & Reliability Conference, ESREL 2009, Prague. London,(2009)
6. Barnert, T., Śliwiński M. Functional safety and information security in the critical infrastructure objects and systems (in Polish), Modern communication and data transfer systems for safety and security. Wolters Kluwer, 476–507 (2013)
7. CSS PNCSD Control Systems Security Program National Cyber Security Division. Configuring Managing Remote Access for Industrial Control Systems. Centre for the Protection of National Infrastructure CPNI, US Homeland Security, (2010)
8. CSS PNCSD Control Systems Security Program National Cyber Security Division. Cyber Security Assessments of Industrial Control Systems. Centre for the Protection of National Infrastructure CPNI, US Homeland Security, (2010)
9. CSS PNCSD Control Systems Security Program National Cyber Security Division. Recommended Practice: Improving Industrial Control Systems Cyber security with Defense-In-Depth Strategies. Centre for the Protection of National Infrastructure CPNI, US Homeland Security, (2010)
10. Piesik E., Śliwiński M., Barnert T.: Determining and verifying the safety integrity level of the safety instrumented systems with the uncertainty and security aspects, Reliability Engineering & System Safetyb 152, 259–272, (2016)
11. Grtan, T.O., Jaatun, M.G., ien, K., Onshus, T. The SeSa Method for Assesing Secure Remote Access to Safety Instrumented Systems (SINTEF A1626). Trondheim, Norway (2007)
12. Hoyland A., Rausand M.: System Reliability Theory. Models and Statistical Methods. Second Edition, New York: John Wiley & Sons, Inc. (2004)12
13. IEC 62443. Security for industrial automation and control systems. Parts 1-13 (undergoing development). International Electrotechnical Commission, Geneva (2013)
14. IEC 61508. Functional Safety of Electrical/Electronic/Programmable Electronic Safety-Related Systems, Parts 1-7. International Electrotechnical Commission, Geneva (2010)
15. IEC 61511, 2015. Functional safety: Safety instrumented systems for the process industry sector. Parts 1-3. International Electrotechnical Commission (IEC) (2015)
16. ISO/IEC 15408:1999: Information technology Security techniques Evaluation criteria for IT security Part 13 (1999)
17. Kosmowski, K.T. Functional safety and reliability analysis methodology for hazardous industrial plants. Gdańsk University of Technology Publishers (2013)
18. Kosmowski K.T., Śliwiński, Barnert T.: Functional safety and security assessment of the control and protection systems. Taylor & Francis Group, European Safety & Reliability Conference, ESREL 2006, Estoril. London (2006)
19. Kosmowski K.T., Barnert T., Śliwiński M., Porzeziński, M.: Functional Safety Assessment within the Risk Informed Decision Making Process. Proceedings of Joint American and European Conference PSAM 11 / ESREL 2012. Helsinki (2012)
20. Mahan, R.E. (et al.). Secure Data Transfer Guidance for Industrial Control and SCADA Systems. PNNL|20776, Pacific Northwest National Laboratory, Richland (2011)
21. OECD IFP: Project on Future Global Shocks. Reducing Systemic Cybersecurity Risk. IFP/ WKP/ FGS (2011)
22. OECD PCI: Protection of Critical Infrastructure and the Role of Investment Policies Relating to National Security. Paris: Organisation for Economic Co-operation and Development (2008)
23. Piwowar J., Chatelet E., Laclemence P. : An Efficient Process to Reduce Infrastructure Vulnerabilities Facing Malevolence. Reliability Engineering & System Safety 94(11): 18691877, (2009)
24. Porzeziński M., Redlarski G., Śliwiński M.: Industrial computer networks functional safety. In: Functional safety management in critical systems, 271288. Gdańsk: Fundacja Rozwoju Uniwersytetu Gdańskiego, (2007)
25. Tixier J., Dusserre G., Salvi O., Gaston D.: Review of 62 risk analysis methodologies of industrial plants. Journal of Loss Prevention in the Process Industries. Vol.15. Elsevier, (2006)
26. Śliwiński, M., Kosmowski, K.T., Piesik, E. Verification of the safety integrity levels with regard of information security issues (in Polish), In: Advanced Systems for Automation and Diagnostics, PWNT, Gdańsk (2015)
27. US-CERT: Control Systems - Overview of Cyber Vulnerabilities. http://www.us-cert.gov/controlsystems/csvuls.html, Access: (2015)
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2017 Springer International Publishing AG
About this paper
Cite this paper
Piesik, E., Śliwiński, M. (2017). Determining and verifying the safety integrity level with security aspects. In: Mitkowski, W., Kacprzyk, J., Oprzędkiewicz, K., Skruch, P. (eds) Trends in Advanced Intelligent Control, Optimization and Automation. KKA 2017. Advances in Intelligent Systems and Computing, vol 577. Springer, Cham. https://doi.org/10.1007/978-3-319-60699-6_65
Download citation
DOI: https://doi.org/10.1007/978-3-319-60699-6_65
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-60698-9
Online ISBN: 978-3-319-60699-6
eBook Packages: EngineeringEngineering (R0)