Journal Details
Format: Journal
eISSN: 2083-4608
ISSN: 1895-8281
First Published: 26 Feb 2008
Publication timeframe: 4 times per year
Languages: English
Access type: Open Access

The Impact of Security Aspects on Functional Safety Analysis / Wpływ Aspektów Ochrony Informacji Na Wyniki Analiz Bezpieczeństwa Funkcjonalnego

Published Online: 09 Nov 2013
Volume & Issue: Volume 21 (2012) - Issue 1 (March 2012)
Page range: 27 - 40
Abstract

The security level of a distributed control and protection system may have a significant impact on functional safety analyses and their results. However, integrating both aspects is difficult and is usually neglected during functional safety analyses. Known methods of functional safety analysis also do not take this concept into consideration. This paper discusses an attempt to integrate safety and security aspects, with functional safety analysis as the main one. It is based on a proposed classification of the communication channels used in the system and the level of system distribution. The functional safety analysis is performed at every stage of the system lifecycle. The most important part is related to the description of the required safety functions and to determining the required safety integrity level (SIL) for them. The proposed concept should be taken into account at this stage, on the assumption that security is considered as a risk parameter used in the functional safety analysis. On the other hand, security should also be taken into consideration when verifying the required SIL for the designed safety-related system which implements the safety function.


