As modern process facilities become increasingly sophisticated and vulnerable to cyber threats, securing critical infrastructure is more crucial than ever. This book offers an indispensable guide to industrial cybersecurity and Safety Instrumented Systems (SIS), vital for maintaining the safety and reliability of critical systems and protecting your operations, personnel, and assets.
Starting with SIS design principles, the book delves into the architecture and protocols of safety networks. It provides hands-on experience identifying vulnerabilities and potential attack vectors, exploring how attackers might target SIS components. You’ll thoroughly analyze Key SIS technologies, threat modeling, and attack techniques targeting SIS controllers and engineer workstations. The book shows you how to secure Instrument Asset Management Systems (IAMS), implement physical security measures, and apply integrated risk management methodologies. It also covers compliance with emerging cybersecurity regulations and industry standards worldwide.
By the end of the book, you’ll have gained practical insights into various risk assessment methodologies and a comprehensive understanding of how to effectively protect critical infrastructure.
Page count: 351
Year of publication: 2024
Securing Industrial Control Systems and Safety Instrumented Systems
A practical guide for safeguarding mission and safety critical systems
Jalal Bouhdada
Copyright © 2024 Packt Publishing
All rights reserved. No part of this book may be reproduced, stored in a retrieval system, or transmitted in any form or by any means, without the prior written permission of the publisher, except in the case of brief quotations embedded in critical articles or reviews.
Every effort has been made in the preparation of this book to ensure the accuracy of the information presented. However, the information contained in this book is sold without warranty, either express or implied. Neither the author, nor Packt Publishing or its dealers and distributors, will be held liable for any damages caused or alleged to have been caused directly or indirectly by this book.
Packt Publishing has endeavored to provide trademark information about all of the companies and products mentioned in this book by the appropriate use of capitals. However, Packt Publishing cannot guarantee the accuracy of this information.
Group Product Manager: Pavan Ramchandani
Publishing Product Manager: Neha Sharma
Book Project Manager: Ashwini C
Senior Editors: Romy Dias and Apramit Bhattacharya
Technical Editor: Arjun Varma
Copy Editor: Safis Editing
Proofreader: Apramit Bhattacharya
Indexer: Pratik Shirodkar
Production Designer: Jyoti Kadam
DevRel Marketing Coordinator: Marylou De Mello
First published: August 2024
Production reference: 1310724
Published by Packt Publishing Ltd.
Grosvenor House
11 St Paul’s Square
Birmingham
B3 1RB, UK
ISBN 978-1-80107-881-8
www.packtpub.com
To my cherished wife, my dear daughters, my beloved parents, and my brothers.
Thank you for the memories that brighten my days, for the unconditional love that sustains my soul, and for the unwavering support that propels me forward. Each page of this book is imbued with the gratitude I hold for you all, as my life’s most precious guides and companions.
Additionally, I would like to extend my gratitude to the ICS cybersecurity community for their invaluable guidance and continuous support during the research and writing of this book.
Special thanks to the book’s technical reviewers and to the Packt project team for their flexibility and dedication.
It’s a true honor to introduce this insightful book on practical Safety Instrumented Systems (SISs) cybersecurity, authored by a colleague and friend I’ve had the pleasure of knowing for many years. Our shared background in systems design, asset management, and security within the energy, chemical, and critical infrastructure sectors has given me a firsthand look at his exceptional expertise and commitment to securing Industrial Control Systems (ICSs). We both worked earlier in our careers at major Dutch companies that operate globally, which brought us together early on in technical discussions specific to the process control and safety domain of plant operations.
The author is a highly skilled expert in cybersecurity for process control domains and networks. His technical knowledge is extensive, and his warm-hearted nature and kindness have made him a trusted advisor to many. His genuine interest in listening to and addressing concerns has earned him respect and admiration across the industry.
Throughout his career, the author has provided invaluable support to companies in the oil and gas, chemicals, maritime, power and utilities sectors, and more. His ability to simplify complex cybersecurity concepts and present them in a practical, understandable way has empowered organizations to better protect their critical systems and assets. He has a remarkable talent for discerning what truly matters in control systems and cybersecurity, separating the essential from the subjective, and conveying these insights with clarity.
This book is a testament to the author’s extensive knowledge and experience. It offers a comprehensive guide to the intricacies of securing SISs within industrial environments, a subject of top importance in today’s increasingly interconnected world. His deep understanding of both the technical and operational aspects of SIS cybersecurity ensures that this book is not only informative but also highly practical, providing readers with actionable insights and strategies to enhance the security of their systems.
What sets this book apart is the author’s unique ability to bridge the gap between theory and practice. His firsthand experience as an asset owner-operator, combined with his extensive work helping various companies worldwide, has provided him with a wealth of practical knowledge and real-world insights. These experiences are covered throughout the book, offering readers a rich tapestry of case studies, best practices, and lessons learned from the front lines of industrial cybersecurity.
In an era where cybersecurity threats are constantly evolving and becoming increasingly sophisticated, the importance of securing SISs cannot be overstated. These systems play a crucial role in ensuring the safety of industrial processes, and any compromise to their integrity can have catastrophic consequences. The author’s approach to SIS cybersecurity, rooted in years of experience assessing and securing different vendor solutions, makes this book a solid resource for anyone involved in the design, implementation, or management of these critical systems.
As someone who has had the privilege of collaborating with the author and witnessing firsthand his dedication, expertise, and passion for cybersecurity, I can attest to his qualifications and the value of the insights presented in this book. His contributions to the field are widely recognized and respected within the industry, and this book is yet another testament to his commitment to advancing the state of SIS cybersecurity.
In closing, I highly recommend this book and encourage you to explore its pages with confidence. Whether you are a seasoned professional or new to the world of SIS cybersecurity, you will find this book to be an indispensable guide, filled with practical advice, expert insights, and the wisdom of someone who has dedicated his career to making our industrial environments safer and more secure.
Sincerely,
Marco (Marc) Ayala
Jalal Bouhdada is a renowned international expert in the realm of Industrial Control Systems (ICSs) cybersecurity, with a deep-rooted passion for cybersecurity, cutting-edge technology, and the dynamic world of startups. As a founder, investor, and board advisor, Jalal is dedicated to driving significant advancements in cybersecurity. He is committed to fostering innovation within the industry and aiding critical infrastructure organizations in securing their digital landscapes.
Since founding Applied Risk in 2012, Jalal has been at the forefront of the company, steering its strategy toward becoming a leader in industrial security services and innovative product development. Under his leadership, Applied Risk has tackled numerous intricate ICS cybersecurity projects for prominent global clients, including some of the largest names in the industrial and utilities sectors.
Recognized as a global thought leader in industrial control systems security and critical infrastructure protection, Jalal actively contributes to the cybersecurity community. He is a member of several prestigious security societies and has co-authored pivotal ICS security best practice guidelines for notable organizations such as ENISA, ISA, and the European Energy ISAC (EE-ISAC). Additionally, Jalal is a sought-after speaker who frequently shares his expertise with both private and public audiences worldwide, inspiring a new generation of cybersecurity professionals.
Denrich Sananda is an instrumentation engineer with a distinguished qualification from Harvard Business School and boasts an impressive 24-year career dedicated to process safety automation. Renowned for his leadership prowess, Denrich has spearheaded high-potential teams within complex business environments, safeguarding high-value assets across sectors including oil and gas, utilities, fertilizers, petrochemicals, and refineries.
With a focus on risk mitigation and management, Denrich specializes in providing comprehensive solutions for functional safety and Operational Technology (OT) security within ICS environments. Leveraging industry standards such as ISA/IEC 61511, ISA/IEC 62443, NIST, and NERC CIP, he ensures the robust protection of critical infrastructure.
Denrich’s hands-on experience encompasses the execution, commissioning, and troubleshooting of numerous safety system projects, underscoring his practical expertise in the field.
As an accredited TÜV Rheinland program trainer for SIS, Denrich is committed to sharing his knowledge and expertise. He has conducted numerous functional safety seminars and training sessions aimed at fostering awareness of the IEC 61508 and IEC 61511 lifecycle approaches.
Passionate about safety and security, Denrich is a sought-after speaker at conferences and forums, where he actively engages in discussions surrounding functional safety and OT/ICS cybersecurity, further solidifying his reputation as a thought leader in the field.
Marc Ayala is a process automation professional with over 25 years of experience working in petrochemical facilities where he designed, engineered, and maintained process automation, safety systems, and integrated networks. Marco is active in the oil and gas sector, chemicals industry, and maritime domain including offshore facilities. Mr. Ayala is an established and respected instructor for ISA cyber courses. He is a member of and contributor to the AMSC Cybersecurity efforts as Chair, an InfraGard member, and sector chief of the Maritime Domain Cross-Sector Council for ports and terminals.
Paul Smith has spent close to 20 years in the automation control space, tackling the “red herring” problems that were thrown his way: unique issues such as measurement imbalances resulting from flare sensor saturation, database migration mishaps, EEPROM production line failures, and many more. This ultimately led to the later part of his career, where he has spent most of his time in the industrial cybersecurity space pioneering the use of new security technology in the energy, utility, and critical infrastructure sectors, and helping develop cybersecurity strategies for some of the world’s largest industrial organizations and municipalities.
Ron Brash is a household name when it comes to ICS/OT cybersecurity and embedded vulnerability research. He was instrumental in creating the datasets for the S4 ICS Detection Challenges, received the Top 40 under 40 award for Engineering Leaders 2020 from Plant Engineering, was an embedded developer at Tofino Security, advised several large asset owners in a variety of industries on OT security, and brought a number of products to market.
With 45 years of experience in process automation, Sinclair Koelemij brings a wealth of expertise, with 25 years dedicated to process control and an additional 20 years specializing in networking, security, and risk management for process automation systems. During his extensive 43-year tenure at Honeywell, he played key roles in servicing, engineering, and securing diverse control and process safety solutions, spanning basic and advanced control systems. Sinclair also possesses hands-on experience in software development and the implementation of control and safety solutions for over 100 installations owned by various asset owners, varying in scale from smaller setups with fewer than 1,000 I/O points to large installations exceeding 100,000 I/O points. Furthermore, Sinclair holds several patents in the field of cyber-physical risk evaluation and mitigation.
Younes Dragoni is a highly skilled and experienced professional specializing in ICS cybersecurity with a passion for supporting the cybersecurity maturity journey of major critical infrastructures worldwide.
Having started his career as a security researcher, Younes has an impressive track record of over 20 advisory publications, working with renowned companies such as Mitsubishi Electric, Siemens, Rockwell Automation, Emerson, GE, and Philips Healthcare. His deep technical knowledge and research contributions have made him a trusted authority in the field.
Making a transition into the business development field, Younes has been instrumental in driving growth, both in terms of revenue and strategic partnerships. He understands the unique challenges faced by organizations operating critical infrastructures and is committed to delivering innovative solutions that address their cybersecurity needs.
Beyond his professional accomplishments, Younes also serves as an advisor and mentor for early-stage startups and national institutions, leveraging his expertise to guide and shape their cybersecurity strategies. He is an active member of the World Economic Forum, contributing to discussions on the future of cybersecurity, and serves as a board member at the ISACA Swiss Chapter.
Industrial Control Systems (ICSs) form the backbone of modern industry, facilitating the automation, monitoring, and management of critical infrastructure sectors including oil and gas, chemicals, power generation, and manufacturing. Within this context, Safety Instrumented Systems (SISs) play a pivotal role in ensuring operational safety by preventing hazardous situations and reducing the likelihood of catastrophic failures. However, as the convergence of Information Technology (IT) and Operational Technology (OT) accelerates, the inherent vulnerabilities in ICS and SIS have exposed industries to a new dimension of cybersecurity threats.
The expanding digital footprint of industrial environments has brought remarkable gains in efficiency, productivity, and insight. Yet, it has also widened the attack surface, placing critical safety functions at risk. Cyberattacks on ICSs/SISs can result in devastating consequences, including process disruptions, equipment damage, environmental hazards, and even loss of life. Securing these systems requires a holistic understanding of both the technical and strategic aspects of cybersecurity, blending traditional safety measures with emerging security frameworks.
Securing Industrial Control Systems and Safety Instrumented Systems: A practical guide for safeguarding mission and safety critical systems is designed to offer an in-depth exploration of this challenging landscape. This book aims to provide practical guidance, strategic insights, and actionable steps to protect your ICS/SIS environment effectively.
The key objectives of this book are as follows:
Highlight the convergence: Explore how the convergence of IT and OT creates both opportunities and challenges for securing industrial environments
Understand SIS fundamentals: Provide a comprehensive overview of SISs, their architecture, and how they integrate with ICS
Explore cybersecurity risks and threats: Identify the specific cybersecurity risks facing SISs within ICS environments, emphasizing the unique characteristics that make these systems vulnerable
Implement defense strategies: Present practical strategies and solutions to secure SISs, leveraging best practices in cybersecurity and safety engineering
Build cyber resilience: Advocate for security resilience that blends safety practices with cybersecurity readiness, emphasizing the importance of people and processes alongside technology to be well equipped for emerging cyber threats
This book is aimed at the following roles:
Industrial automation engineers: To deepen their understanding of cybersecurity risks and cover how to integrate security into SIS design and operations
IT and OT security professionals: To help them grasp the unique challenges of securing industrial environments and implement tailored cybersecurity strategies
Safety managers and process engineers: To help them incorporate cybersecurity measures into existing safety frameworks and protocols
Policy makers and regulators: To help them develop informed policies that ensure the resilience and security of critical infrastructure
Chapter 1, Introduction to Safety Instrumented Systems (SISs), lays the foundation by exploring what Safety Instrumented Systems (SISs) are and their crucial role in safeguarding industrial processes. We delve into the principles of functional safety, outlining key components, functions, and how SIS integrates with Industrial Control Systems (ICSs).
Chapter 2, SIS Evolution and Trends, traces the historical evolution of SIS, from early mechanical safeguards to modern electronic SIS. We also discuss emerging trends such as the convergence of IT and OT, the impact of new technologies, and the increasing adoption of integrated safety and control systems.
Chapter 3, SIS Security Design and Architecture, provides a comprehensive guide to designing and architecting SIS. Key topics include risk assessment, Safety Integrity Levels (SILs), redundancy models, and the integration of SIS with Distributed Control Systems (DCSs) and Programmable Logic Controllers (PLCs).
Chapter 4, Hacking Safety Instrumented Systems, is an eye-opening chapter in which we uncover the methods, tactics, and motivations of attackers targeting SISs. We analyze real-world case studies, explain common vulnerabilities, and discuss how cyberattacks can lead to catastrophic safety failures.
Chapter 5, Securing Safety Instrumented Systems, builds on the previous chapter and presents practical strategies and best practices to secure SISs. From network segmentation and anomaly detection to secure coding practices and incident response, this chapter offers a comprehensive approach to safeguarding critical safety systems.
Chapter 6, Cybersecurity Risk Management of SISs, delves into risk management, which is the cornerstone of effective SIS security. This chapter provides a systematic framework for identifying, assessing, and mitigating cybersecurity risks in SISs. We introduce risk assessment methodologies including HAZOP and LOPA and discuss how to prioritize controls based on their potential impact.
Chapter 7, Security Standards and Certification, asserts that compliance with standards and regulations is key to ensuring the safety and security of SIS. This chapter offers an overview of international standards including IEC 61511 and NIST 800-82, along with relevant legislation. We also provide practical guidance on implementing and adhering to these standards.
Chapter 8, The Future of ICS and SIS: Innovations and Challenges, is where we curate a comprehensive list of additional resources, including books, whitepapers, webinars, and industry organizations. These resources will help you deepen your understanding and stay updated on the latest trends in SIS security.
This book assumes a foundational understanding of SISs and ICSs. Proficiency with Windows, macOS, or Linux operating systems will help you make the most of the practical insights provided.
| Software/hardware covered in the book | Operating system requirements |
|---|---|
| MOSAIC M1S COM (https://www.reersafety.com/en/software-2/) | Windows, macOS, or Linux |
| Reer MOSAIC M1S Safety PLC (https://www.reersafety.com/en/categories/safety-controllers-and-interfaces/) | |
Feedback from our readers is always welcome.
General feedback: If you have questions about any aspect of this book, email us at [email protected] and mention the book title in the subject of your message.
Errata: Although we have taken every care to ensure the accuracy of our content, mistakes do happen. If you have found a mistake in this book, we would be grateful if you would report this to us. Please visit www.packtpub.com/support/errata and fill in the form.
Piracy: If you come across any illegal copies of our works in any form on the internet, we would be grateful if you would provide us with the location address or website name. Please contact us at [email protected] with a link to the material.
If you are interested in becoming an author: If there is a topic that you have expertise in and you are interested in either writing or contributing to a book, please visit authors.packtpub.com.
This book begins with a comprehensive introduction to Safety Instrumented Systems (SISs), covering essential safety and cybersecurity concepts as well as terminology specific to process safety cybersecurity. The goal of the initial chapter is to establish a solid foundation of knowledge, enabling readers to delve deeper into more complex topics in subsequent chapters. Chapter 2 addresses and clarifies common misconceptions about SIS cybersecurity to ensure a clear understanding before progressing to more detailed discussions. Chapter 3 explores the security design and architecture, including protocols and best practices, emphasizing the secure-by-design principles.
This part has the following chapters:
Chapter 1, Introduction to Safety Instrumented Systems (SISs)
Chapter 2, SIS Evolution and Trends
Chapter 3, SIS Security Design and Architecture
This structure ensures a progressive learning experience, equipping readers with both the theoretical and practical aspects of SIS cybersecurity.
Industrial control systems (ICSs) have become an increasingly pressing concern due to emerging cyber threats and the prevalence of legacy devices that lack the security to protect against modern threat vectors. Cyberattacks have struck assets of all sizes and verticals, bringing an end to the era of denial and myths about the security of industrial installations.
Safety instrumented systems (SISs) are considered the crown jewels and last layer of defense for many Critical Infrastructures (CIs) such as oil and gas, chemicals, power, manufacturing, and maritime to name a few.
For years, they have operated in isolation using technologies and protocols that were designed without security in mind, focusing primarily on operations and on conventional functional safety requirements, which are not sufficient to protect against motivated, capable, and well-funded adversarial cyber threats.
Nowadays, modern process facilities are significantly interconnected due to the Information Technology (IT) and Operational Technology (OT) convergence, and the widespread adoption of Internet Protocol (IP) based technologies. Furthermore, access to vendor documentation and system specifications is no longer exclusive to a select group of asset owners, operators, and Original Equipment Manufacturers (OEMs). This renders an SIS increasingly vulnerable to cybersecurity attacks by adversaries seeking to manipulate or disrupt its operations.
The importance of cybersecurity for an SIS has only recently started to gain broader attention on C-suite agendas within organizations, primarily driven by the observation of a number of prominent cyber incidents and near-misses in recent years.
In this chapter, we’re going to cover the following main topics together:
Understanding SIS
What is ICS cybersecurity?
Exploring relevant cybersecurity and functional safety standards
Examining the safety and cybersecurity lifecycle
The main goal of this chapter – and this book – is not to provide an extensive education on the engineering specifics of SISs, as many resources and publications already exist on this subject and have been available for some time. We will instead focus on what you need to understand about SISs within the context of cybersecurity, in order to allow you to grasp the ideas presented in this book without getting too caught up in the details.
SISs are deemed as the most critical barrier of plant process safety and the last prevention layer against process hazards. Usually, when combined with other engineering and administrative controls, a SIS provides a comprehensive set of safeguards and a layered protection approach as part of a plant’s safety philosophy to control risk to As Low As Reasonably Practicable (ALARP) or As Low As Reasonably Achievable (ALARA), taking into account social and economic factors. However, these measures are separate from those of a Basic Process Control System (BPCS), which is used for process control. This is the key differentiator between an SIS and a BPCS.
According to the International Electrotechnical Commission (IEC) definition, SISs are built to achieve three key objectives:
To safely and gracefully (or partially) shut down a process when something goes wrong (i.e., a deviation from the norm)
To let a process run when safe conditions are met
To respond in a timely manner to prevent Emergency Shutdown (ESD), mitigate Fire and Gas (F&G), or minimize the consequences of a hazard
An SIS typically consists of multiple elements. It includes, but is not limited to, sensors or detectors to monitor process conditions, logic solvers or controllers to process input signals, final elements (such as valves or actuators) to perform operations, and communication networks that facilitate the exchange of information. These components work together to ensure that the process remains within safe operating limits and to initiate an appropriate response when a safety-critical situation arises.
As depicted in the following illustration, an SIS consists of three key elements:
Figure 1.1 – SIS elements
Let’s discuss them further:
Sensor: The sensors (or transmitters) are used to measure the process variable conditions and detect any hazardous conditions in the process. Here are some common types of SIS sensors used in process industries:
Pressure transmitters: Utilized to measure the pressure of gases or liquids in pipes or vessels
Temperature transmitters: Employed to gauge the temperature of liquids or gases in vessels or pipes
Level transmitters: Used to measure the level of liquid in tanks or vessels
Flow transmitters: Widely deployed to measure the velocity of liquids or gases in pipes
Gas detectors: Employed to ascertain the presence of hazardous gases in the environment, such as carbon monoxide and hydrogen sulfide
Flame detectors: Used to detect the presence of flames, such as those caused by a fire
Smoke detectors: Utilized to detect the presence of smoke, which can indicate the presence of a fire
Motion sensors: Used to detect the movement of equipment or materials in a process, and can help to identify potential hazards or abnormal conditions
Logic solver: The logic solver is essentially the CPU of the SIS that receives input signals, applies safety logic, and generates output signals to control devices such as valves and actuators. It processes data and makes decisions to ensure the safe operation of a process or industrial plant.
Final element: The final element of an SIS is a physical device such as an on/off valve or actuator. It receives output signals from the logic solver and executes the necessary actions to maintain the safety of the plant.
A safety function is part of a system that can have several subsystems and elements:
Figure 1.2 – Example of a system and subsystems
Like any complex system, an SIS can experience failures. There are several types of failures that can occur in an SIS, including the following:
Random hardware failures: These are spontaneous failures at random times, which result from one or more possible degradation mechanisms in the hardware – for example, the aging of electronic components, mechanical failure of relays or solenoids, and so on.
Software failures: SISs typically rely on software to perform complex calculations, monitor process data, and control final elements. Software failures can occur due to programming errors, memory leaks, or other issues.
Systematic failures: These are when a pre-existing fault occurs under particular conditions and can only be eliminated by removing that fault by modification of the design, process, procedures, documentation, or other relevant factors. Examples of systematic failures could be a hidden fault in the design or implementation of software as well as hardware, or an error in the design specifications, user manuals, procedures, or security operational procedures (SOPs). Systematic failures can occur in any lifecycle phase activity.
Configuration errors: SISs must be carefully configured to ensure that they perform their intended functions correctly. Configuration errors can occur due to human error, deviations or derogations, misinterpretation of specifications, or as a result of changes made to the system that are not properly tested.
Environmental factors: SISs can be impacted by environmental factors such as temperature, humidity, and vibration. For example, extreme temperatures can cause electronic components to malfunction, and vibrations can cause wires or other connections to become loose.
Cybersecurity threats: SISs are increasingly integrated with a BPCS, which increases their attack surface and makes them more susceptible to cyber risks. This can affect both process integrity and system availability.
An SIS can operate in four distinct states that are defined by the state of the I/O signals originating from the system, as presented in the following table:
| SIS state | Process status |
|---|---|
| OK | Process is available |
| Safe | Process has tripped |
| Dangerous | Process is available but not protected |
| Intermediate | Process is available and SIS is available, but it is time to repair it |
Table 1.1 – Different SIS states
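To make the sensor, logic solver and final element chain and the four states in Table 1.1 concrete, the following Python model is an added example; it is not code from the book or from any SIS vendor. It simulates one high-pressure trip SIF: three pressure transmitters feed a logic solver that votes on healthy inputs and de-energizes a shutdown valve, and the resulting I/O status is mapped onto the OK, Safe, Dangerous and Intermediate states. The trip point, transmitter span, tag names (PT-101, XV-101) and the 2oo3-to-1ooN degradation policy are assumed sample values, not figures from the book.

```python
"""Toy model of one safety instrumented function (SIF) in a high-pressure trip loop.

Constructed illustration for this chapter, not code from the book or from any
SIS vendor. Units, trip point, transmitter span and the vote degradation policy
are assumed sample values.
"""
from typing import List, Optional
from dataclasses import dataclass

TRIP_POINT_BAR = 10.0      # assumed: pressure at which the SIF must act
SPAN_BAR = (0.0, 16.0)     # assumed: calibrated transmitter span; outside it = sensor fault


@dataclass
class Transmitter:
    """A pressure transmitter feeding the logic solver."""
    tag: str
    reading_bar: Optional[float]   # None models a lost signal (open loop, no data)

    def healthy(self) -> bool:
        """Diagnostic check: a value outside the calibrated span is treated as a fault."""
        return self.reading_bar is not None and SPAN_BAR[0] <= self.reading_bar <= SPAN_BAR[1]


@dataclass
class FinalElement:
    """A de-energize-to-trip shutdown valve: energized = open = process running."""
    tag: str
    energized: bool = True

    def trip(self) -> None:
        self.energized = False


def evaluate_sif(sensors: List[Transmitter], valve: FinalElement) -> str:
    """One logic-solver scan: apply voting to healthy inputs, drive the final element,
    and return the SIS state named in Table 1.1."""
    healthy = [s for s in sensors if s.healthy()]
    votes = sum(1 for s in healthy if s.reading_bar >= TRIP_POINT_BAR)
    # Assumed degradation policy: 2oo3 voting while at least two transmitters are
    # healthy, falling back to 1ooN when only one remains.
    required = 2 if len(healthy) >= 2 else 1
    if healthy and votes >= required:
        valve.trip()
    return sis_state(sensors, valve)


def sis_state(sensors: List[Transmitter], valve: FinalElement) -> str:
    """Map the I/O status onto the four states of Table 1.1."""
    healthy_count = sum(1 for s in sensors if s.healthy())
    if not valve.energized:
        return "Safe"            # process has tripped
    if healthy_count == 0:
        return "Dangerous"       # process running but the SIF can no longer see a demand
    if healthy_count < len(sensors):
        return "Intermediate"    # still protected on reduced redundancy; repair needed
    return "OK"


def repair_list(sensors: List[Transmitter]) -> List[str]:
    """Tags that the diagnostics flag for maintenance."""
    return [s.tag for s in sensors if not s.healthy()]


def scenario(readings: List[Optional[float]]) -> str:
    """Run one scan on a fresh loop with the given three transmitter readings."""
    sensors = [Transmitter(f"PT-10{i}", r) for i, r in enumerate(readings, start=1)]
    valve = FinalElement("XV-101")
    return evaluate_sif(sensors, valve)


if __name__ == "__main__":
    # Constructed sample scans: normal, 2oo3 demand, single spurious input,
    # one transmitter lost, all inputs bad, one survivor sees a demand.
    for readings in ([5.0, 5.2, 4.9], [11.0, 11.3, 5.0], [11.0, 5.0, 5.0],
                     [5.0, None, 5.1], [None, 25.0, None], [None, 11.0, None]):
        print(readings, "->", scenario(readings))
```

The scan with all transmitters failed is the case worth studying: the process keeps running while the SIF has no trustworthy input, which is exactly the Dangerous state in Table 1.1, and it is what diagnostics and a maintenance trigger are there to catch before a real demand arrives.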
Important note – deviations and derogations
Deviations typically refer to a departure from the standard performance or prescribed procedures of a system. In functional safety, for instance, a deviation could denote a failure in a safety function or system, resulting in the system not performing as intended. Such deviations could be due to individual component failures, system errors, or security weaknesses. Addressing these deviations necessitates investigating the root cause and devising corrective measures to bring the system back to its standard operating condition. In terms of cybersecurity, deviations could represent any unexpected or irregular activities that could potentially signify a breach or vulnerability threat that requires immediate investigation and remediation.
Derogations, on the other hand, represent a formal exemption from a standard or regulation. In the arena of ICS cybersecurity, derogations are often granted when it is impractical to adhere strictly to the standard or when alternative measures provide an equal or higher level of security. Typically, such derogations must be securely controlled, justified properly, and approved by relevant authority figures, ensuring they don’t compromise the overall integrity of the system. It’s important to note that derogations are not shortcuts or loopholes but are considered flexibilities within the regulatory framework, provided they don’t compromise the objective of the standard.
Both deviations and derogations hold immense significance for an ICS’s functional safety and cybersecurity. While managing deviations involves identifying, analyzing, and remediating unexpected occurrences, handling derogations involves ensuring any exemptions from standards maintain the requisite level of safety and security.
SISs are primarily designed to track and sustain the safety of the process and are typically passive and dormant for long periods of time. SISs wait to respond to system demands only when necessary. They use Safety Instrumented Functions (SIFs) to execute specific safety-related tasks such as Emergency Shutdown (ESD) and Fire and Gas (F&G).
Maintenance and diagnostics are essential in SISs to confirm that the system is functioning properly and reduce the need for manual tests. All SIS modifications after installation require strict compliance with the Management of Change (MoC) processes, as even the slightest alteration can have a significant impact.
On the other hand, BPCSs are very dynamic in nature with numerous changes. A BPCS provides oversight over the process with a range of digital and analog inputs and outputs that respond to logic functions, making it easier to detect any malfunctions or failures. However, these systems require frequent changes to ensure accurate process control. BPCSs typically consist of hardware and software components, including sensors, controllers, Human-Machine Interfaces (HMIs), and communication networks. BPCSs often use open standard protocols, such as Modbus and OPC, to communicate with other devices in the plant.
The following figure illustrates the typical components of a BPCS and an SIS and how they interact from a process perspective:
Figure 1.3 – BPCS versus SIS
SIS and BPCS have many similarities, yet their differences lead to different design, maintenance, and integrity requirements.
The implementation of cybersecurity for these systems varies significantly, yet both are susceptible to various threats, including malware, hacking, zero-days, Man-in-the-Middle (MitM) attacks, and human errors. Nevertheless, the ramifications of a successful SIS breach can be more severe than in BPCSs, as SISs are responsible for protecting the plant and its personnel from hazardous events. A compromised SIS can lead to the failure of safety functions and potentially catastrophic consequences, such as fires, explosions, and toxic releases. We will explore this further in the next chapter.
SISs are of paramount importance when it comes to protecting process safety. Process plants are beneficial as they can transform raw materials and ingredients into tangible products and goods as part of a complex supply chain. Unfortunately, the techniques used to conduct this conversion can trigger dangerous conditions that, if not efficiently controlled and properly contained, might cause major incidents or top events. Hazardous conditions may be present when dealing with combustible materials such as solids, liquids, gases, vapors, and dust.
In addition, administrative controls and safeguards should be used to address the control of risk.
SISs are deployed for many purposes in petrochemical facilities and pipelines and for other industry-specific needs. Examples of these systems include the following:
ESD: This is a specialized form of control system, created to provide an extra layer of safety for high-risk areas such as oil and gas, nuclear power, and other potentially hazardous environments. Primarily, these systems serve to protect both personnel and the environment if process parameters exceed acceptable levels. By minimizing the potential damage from emergency scenarios such as uncontrolled flooding, the escape of hydrocarbons, and fire outbreaks, ESD systems provide an invaluable service.
The following screenshot presents an example of an ESD system and its components:
Figure 1.4 – ESD system
The main purpose of ESD can be summarized as follows:
ESD systems detect unsafe conditions and initiate a shutdown of the process to prevent potentially hazardous situations.
ESD systems are equipped with sensors that monitor process parameters such as pressure, temperature, level, and flow. If any of these parameters exceed a predetermined limit, the system will initiate a shutdown of the process.
ESD systems can also be used to activate safety alarms or to stop certain components of the process. This ensures that safety is maintained and potential hazards are avoided.
High-Integrity Protection Systems (HIPSs): HIPSs are deployed to prevent a Process Shutdown (PSD) from being affected by any of the destructive factors of overpressure, elevated temperatures, and high-level events. The valves in the HIPS are closed decisively to make the production line secure: a set of initiators (sensors) records the observed process conditions, the logic solver (controller) processes the data, and the final elements take the safeguarding action, cutting back or stopping the pumps through valves, actuated pumps, or circuit breakers that perform the closing (shutdown) operation.
The HIPS serves as the ultimate protection system for the process and often eliminates the need for pressure relief, thereby protecting the environment and mitigating the risks linked to manual handling errors. It also corrects the overconfidence (high level of trust) that engineers might sometimes place in Distributed Control Systems (DCSs) and ESD systems.
Some of the most popular deployments of HIPSs include, but are not restricted to, the following:
High-integrity pressure protection systems
High-integrity temperature protection systems
High-integrity level protection systems
HIPS interlock systems
The following illustration depicts a typical HIPS deployment for a subsea field environment:
Figure 1.5 – HIPS
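To make the ESD description above and the state table in Table 1.1 concrete, here is a toy logic solver for a single high-pressure SIF. It is an added example, not code from the book or from any vendor's SIS: the 4-20 mA health window, the 2oo3 voting arrangement, the degradation policy, the 0-100 bar span and the tag names are all constructed assumptions. It shows how sensor inputs become a trip decision, how a channel fault moves the SIS into the Intermediate state, and how a failed final element leaves the process running unprotected (the Dangerous state).

```python
"""Toy logic solver for a 2oo3 high-pressure ESD trip (added example, not from
the book). Assumptions: 4-20 mA transmitters, a constructed health window,
de-energize-to-trip outputs, and a degradation policy described below."""
from dataclasses import dataclass, field
from enum import Enum


class SisState(Enum):
    OK = "OK"                      # process is available
    SAFE = "Safe"                  # process has tripped
    DANGEROUS = "Dangerous"        # process is available but not protected
    INTERMEDIATE = "Intermediate"  # process and SIS available, repair needed


# Assumed health window for a 4-20 mA loop: below ~3.8 mA (open loop) or
# above ~20.5 mA (short/saturation) the channel is declared faulted.
HEALTHY_MA = (3.8, 20.5)


@dataclass(frozen=True)
class Channel:
    tag: str
    milliamps: float
    span_low: float    # engineering value at 4 mA
    span_high: float   # engineering value at 20 mA

    def healthy(self) -> bool:
        lo, hi = HEALTHY_MA
        return lo <= self.milliamps <= hi

    def value(self) -> float:
        """Scale loop current to engineering units (here: bar)."""
        return self.span_low + (self.milliamps - 4.0) / 16.0 * (self.span_high - self.span_low)


@dataclass
class Decision:
    trip: bool
    state: SisState
    valve_energized: bool      # de-energize-to-trip: False commands the valve closed
    alarms: list = field(default_factory=list)


def evaluate_sif(channels, trip_limit, votes_to_trip=2, final_element_ok=True):
    """One scan of an MooN-voted high-pressure SIF.

    Assumed degradation policy: each faulted channel leaves the vote and the
    votes needed drop with it (2oo3 -> 1oo2 -> 1oo1). If no healthy channel
    remains, the SIF trips, because de-energize-to-trip should fail safe.
    """
    healthy = [c for c in channels if c.healthy()]
    faulted = [c for c in channels if not c.healthy()]
    over_limit = [c for c in healthy if c.value() >= trip_limit]
    alarms = [f"{c.tag}: channel fault ({c.milliamps:.1f} mA)" for c in faulted]

    votes_needed = max(1, votes_to_trip - len(faulted))
    demand = len(over_limit) >= votes_needed
    alarms += [f"{c.tag}: high pressure {c.value():.1f} >= {trip_limit}" for c in over_limit]
    if not healthy:
        alarms.append("all channels faulted: tripping on loss of sensing")
    trip = demand or not healthy

    if trip and final_element_ok:
        state = SisState.SAFE
    elif trip:
        alarms.append("final element failed: trip demand not executed")
        state = SisState.DANGEROUS
    elif not final_element_ok:
        alarms.append("final element failed: process running unprotected")
        state = SisState.DANGEROUS
    elif faulted:
        state = SisState.INTERMEDIATE     # still protected, but repair is due
    else:
        state = SisState.OK

    # The output stays energized only while the process may keep running.
    return Decision(trip=trip, state=state, valve_energized=not trip, alarms=alarms)


def make_channels(ma_a, ma_b, ma_c):
    """Three constructed pressure transmitters, each spanning 0-100 bar."""
    return [Channel("PT-101A", ma_a, 0.0, 100.0),
            Channel("PT-101B", ma_b, 0.0, 100.0),
            Channel("PT-101C", ma_c, 0.0, 100.0)]


if __name__ == "__main__":
    for reading in [(12.0, 12.1, 11.9), (18.0, 17.8, 12.0), (0.0, 12.0, 12.0)]:
        d = evaluate_sif(make_channels(*reading), trip_limit=80.0)
        print(reading, d.state.value, "trip" if d.trip else "run", d.alarms)
```

The point to take from the example is that the SIS state is not read from a single signal: it is derived from the combination of sensor health, the vote outcome and final-element diagnostics, which is why a loss of integrity in any of those three (including one caused by tampering with the I/O) shows up as a state change that operations should alarm on.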
Burner Management System (BMS): This is typically employed to ensure the safe ignition and operation, as well as the shutdown, of industrial burners when required. This system can be found in many process industries, including oil and gas, power generation, manufacturing, and chemicals, that rely on flame-operated equipment such as furnaces, boilers, and the like. The system is able to keep track of flames with flame detectors, as well as manage igniters, burners, and other actuators such as shut-off valves.
The majority of BMSs are designed with the aim of providing protection against potentially hazardous operating conditions and the admission of fuel that is not suitable. A BMS gives the user important status information and support; additionally, if there is a hazardous condition, it can initiate a safe operating condition or a shutdown interlock.
According to the National Fire Protection Association (NFPA) 85 Boiler and Combustion Systems Hazards Code, a BMS is a control system that is devoted to boiler furnace safety and operator support. This system assures the safe and efficient working of the boiler, thereby contributing to the safety of the facility as a whole.
The chance of fire and hazards will increase significantly without a BMS in place. Organizations nowadays implement BMS in SIS to increase safety and system availability, as well as to remain compliant with sector regulations and the latest industry best practices.
Figure 1.6 illustrates an example of a BMS and its various elements:
Figure 1.6 – BMS
A list of BMS components, including their functions, can be found in the following table:
Component               Function
Burner                  This is where a combination of fuel, oil, and/or gas is mixed with air and ignited to create heat. The process of combustion takes place in multiple burners of large heaters.
FC (flow controller)    This is used to monitor and control the fuel valves and ignitors of the BMS following a sequence that includes processes such as purging, ignition, operation, and shutdown.
Flame detector          This device is used to monitor the absence or presence of a flame and deploy a specific signal to detect it.
Valves                  Their primary function is to control and shut off the flow of substances (oil, gas, etc.) into the fuel system.
Table 1.2 – BMS components and functions
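The sequence that the flow controller in Table 1.2 follows (purge, ignition, operation, shutdown) is easiest to understand as a small state machine in which the flame detector and the process permissives gate every transition. The following is an added example written for this page; it is not code from the book, from NFPA 85, or from any BMS vendor. The purge and trial-for-ignition times, the step names and the set of permissives (airflow, fuel pressure) are constructed assumptions chosen only to illustrate the interlocks.

```python
"""Toy burner management sequencer (added example, not from the book).
Assumed timings and permissives are placeholders, not NFPA 85 values."""
from enum import Enum


class Step(Enum):
    IDLE = "idle"
    PURGE = "purge"
    IGNITION = "trial_for_ignition"
    RUN = "run"
    LOCKOUT = "safety_shutdown"


PURGE_SECONDS = 30     # assumed pre-purge time before any fuel is admitted
TRIAL_SECONDS = 10     # assumed window in which the flame must be proven


class BurnerManagement:
    """Minimal flow-controller logic: outputs are fuel_valve_open and igniter_on."""

    def __init__(self):
        self.step = Step.IDLE
        self.timer = 0.0
        self.fuel_valve_open = False
        self.igniter_on = False
        self.log = []

    def _shutdown(self, reason):
        # Safe state: fuel valves closed, igniter off, sequence locked out
        # until an operator reset, so a transient cannot restart it.
        self.fuel_valve_open = False
        self.igniter_on = False
        self.step = Step.LOCKOUT
        self.log.append(f"safety shutdown: {reason}")

    def start(self):
        """Begin a light-off; ignored unless the burner is idle."""
        if self.step is Step.IDLE:
            self.step, self.timer = Step.PURGE, 0.0

    def reset(self):
        """Operator acknowledgement after a lockout."""
        if self.step is Step.LOCKOUT:
            self.step, self.timer = Step.IDLE, 0.0

    def scan(self, dt, flame_proven, airflow_ok, fuel_pressure_ok):
        """Advance the sequence by dt seconds using the current field inputs."""
        if self.step in (Step.IDLE, Step.LOCKOUT):
            return self.step
        if not (airflow_ok and fuel_pressure_ok):
            self._shutdown("permissive lost (airflow or fuel pressure)")
            return self.step
        if self.step is Step.PURGE:
            if flame_proven:
                # A flame before any fuel is admitted means a detector
                # fault or a real fire: lock out rather than continue.
                self._shutdown("flame detected during purge")
                return self.step
            self.timer += dt
            if self.timer >= PURGE_SECONDS:
                self.step, self.timer = Step.IGNITION, 0.0
                self.igniter_on = True
                self.fuel_valve_open = True   # fuel admitted only after a full purge
        elif self.step is Step.IGNITION:
            self.timer += dt
            if flame_proven:
                self.step = Step.RUN
                self.igniter_on = False
            elif self.timer >= TRIAL_SECONDS:
                self._shutdown("flame not proven within trial for ignition")
        elif self.step is Step.RUN:
            if not flame_proven:
                self._shutdown("flame failure")
        return self.step


if __name__ == "__main__":
    bms = BurnerManagement()
    bms.start()
    for dt, flame in [(30, False), (2, True), (60, True), (1, False)]:
        print(bms.scan(dt, flame, True, True).value, bms.fuel_valve_open, bms.igniter_on)
    print(bms.log)
```

Two properties of the sequence are worth checking in any real BMS configuration review: the fuel valve output can never be set before the purge timer has expired, and every abnormal input leads to the same locked-out safe state that only an explicit operator reset can leave.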
It is no surprise that SISs play an essential role within process industries in guaranteeing the safety and dependability of critical operations. A few examples of where an SIS is required to aid in the safeguarding of people, equipment, and the wider environment include the following:
Process safety in the chemical industry: The use of SIS in the chemical industry can be focused on Health, Safety, and Environmental (HSE) considerations, and mitigating the consequences of a major accident. For example, an SIS can be used to automatically shut down a process if a critical parameter exceeds a predetermined limit, thereby preventing a catastrophic incident.
Power generation: An SIS can be used in power generation plants to protect critical equipment and processes, such as turbines, boilers, and generators. For example, an SIS can be used to automatically shut down a turbine or generator in the event of an abnormal condition, such as low oil pressure or high temperature, to prevent damage to the equipment and ensure safe operation.
Transportation safety: An SIS can be used in transportation systems, such as railways and pipelines, to detect and mitigate hazardous conditions. For example, an SIS can be used to automatically apply the brakes on a train if it exceeds a certain speed limit or if it encounters an obstacle on the track, thereby preventing a potential collision.
Offshore oil and gas production: An SIS can be implemented in oil and gas environments – including oil fields and offshore platforms – to protect personnel as well as assets from the hazards of explosive gases, fire, and other risks associated with the production process. For example, an SIS can be used to automatically shut down production in the event of a leakage of gas or fire to prevent an explosion or other catastrophic event.
In the next section, we will examine ICS cybersecurity as a new discipline in detail. We will also explore how the IT and engineering communities perceive ICS cybersecurity in their respective fields.
The term ICS is used in a broad sense to refer to programmable-based devices that are used to control, monitor, supervise, automate, or interact with assets used in continuous, discrete, and hybrid processes in manufacturing, infrastructure, and other commercial and industrial sectors.
At its heart, ICS cybersecurity is about both protecting industrial assets and recovering from system upsets that occur from electronic communications between systems, or between systems and people.
An ICS includes various components, such as the following:
Distributed Control Systems (DCS)
SIS
HMIs
Historians
Supervisory Control And Data Acquisition (SCADA)
Programmable Logic Controllers (PLCs)
Remote Terminal Units (RTUs)
Intelligent Electronic Devices (IEDs)
Power Monitoring Systems (PMSs)
Protection relays
F&G
ESD
PSD
BMS
Building Control Management Systems (BCMSs)
Electrical Network Monitoring Control Systems (ENMCSs)
Alarm management systems
Intelligent Asset Management Systems (IAMSs)
Sensors and transmitters
Valves
Drives, converters, and so on
Establishing a secure baseline for an ICS can be a complex and wide-reaching process as this can cover software, hardware, and communications interfaces. These hardening parameters need to be defined, at the very minimum level, by the following:
OS security
Endpoint security
Embedded device security
Application software security
Network security
Access control (physical and logical)
Anti-malware
Security monitoring
Despite certain common attributes, ICS differs from the traditional IT systems that are widely deployed in office and enterprise networks. Historically, ICS implementations were heavily