:quality(80)/p7i.vogel.de/wcms/33/cc/33cc3cb9f97dc320d46d369c9555b080/0114225642.jpeg "Alfa Laval is unveiling two new hygienic valves, the Alfa Laval Unique Mixproof CIP and Unique Mixproof Process, extending its hygienic double-seat valve range to meet market demands. (Source: Alfa Laval)")
:quality(80)/p7i.vogel.de/wcms/4e/4d/4e4d15c4ca21fabf7e4d7769641248b8/0114222518.jpeg "The ST75 Series Flow Meter from FCI offers a remote mountable, space-saving configuration that solves piping layout issues in potentially hazardous areas or hard-to-reach locations crowded with equipment. (Source: FCI)")
:quality(80)/p7i.vogel.de/wcms/b4/bd/b4bdc5b815ce948f01b600ab979d91a1/0114154848.jpeg "Augmented Reality is especially useful for technical maintenance staff and engineers of industrial plants as plant maintenance and training activities can be carried out with ease. (Source: PaulShlykov - stock.adobe.com)")
:quality(80)/p7i.vogel.de/wcms/3c/6d/3c6d44ea8e9c24eadddcf583ec7efde0/0113614417.jpeg "The double-acting and single-acting pneumatic actuators of the Actair Evo and Dynactair Evo type series are designed for actuating all types of part-turn valves. (Source: KSB)")
:quality(80)/p7i.vogel.de/wcms/0c/3f/0c3f44fe168d26acf1e8c1ac628ea37f/0114210735.jpeg "The unique pilot line serves mining and battery industry customers processing battery minerals. (Source: Metso)")
:quality(80)/p7i.vogel.de/wcms/1c/87/1c877b6891afdd025ad8e5cccb6eb85c/0114181353.jpeg "The 2-billion-dollar expansion is part of Exxonmobil’s long-term growth plans to deliver higher-value products from its U.S. Gulf Coast refining and chemical facilities. (Source:Pixabay)")
:quality(80)/p7i.vogel.de/wcms/ee/8f/ee8fd630e02ef715c9e5934a22e7029f/0114181340.jpeg "With two recycling units, one for advanced recycling with capacity to treat 15,000 tons of waste a year, and another mechanical recycling unit announced recently, Grandpuits is establishing itself as a major French recycling site. (Source: Pixabay)")
:quality(80)/p7i.vogel.de/wcms/97/0e/970e12668f327bf6cf9961e496719c9c/0114118988.jpeg "KBR has been awarded a license and engineering design contract by Hanwha Impact Corporation for the world's first commercial ammonia cracking unit. (Source: KBR)")
:quality(80)/p7i.vogel.de/wcms/03/f6/03f6a89546a6d8ea14038152dff4b572/0113987987.jpeg "The wall installation socket panels in the 8150/5-V88 series are expanding the R. Stahl product portfolio for clean rooms. (Source: R. Stahl )")
:quality(80)/p7i.vogel.de/wcms/fe/38/fe383d59a37a319c6a7755f91dc65d59/0113657270.jpeg "Filter system with built-in Sinter-Plate Filter elements – Herding Beta. (Source: Herding Filtertechnik)")
:quality(80)/p7i.vogel.de/wcms/33/7c/337ca4eb2638fe95b46967fe194e3f10/0110839569.jpeg "The agreement provides an integrated commercial proposition both with joint solutions and with proprietary products and services of the two companies, to meet the needs of the oil & gas, energy, and industry markets. (Source: Pixabay)")
:quality(80)/p7i.vogel.de/wcms/22/7e/227e859537f21966a303604494a8b821/0113805425.jpeg "The Bayer Campus Monheim, the crop protection laboratory of the future, and the global headquarters of the Crop Science division. (Source: Bayer)")
:quality(80)/p7i.vogel.de/wcms/f3/03/f303f1e1fd92d2334e0f0f19a9ed082b/0113642276.jpeg "Juergen Eckhardt, new Head of Pharma Business Development & Licensing / Open Innovation at Bayer. (Source:Bayer)")
:quality(80)/p7i.vogel.de/wcms/44/f3/44f3ce3f4a48733d91c56f6c292ae0af/0113586134.jpeg "PET is 100 % recyclable and is one of the most used plastics in the world today. (Bild: Recycle Man - stock.adobe.com)")
:quality(80)/p7i.vogel.de/wcms/17/55/1755b0c0ea466590d364c2519baa6f93/0113488956.jpeg "Novo Nordisk and Inversago Pharma have announced that Novo Nordisk has agreed to acquire Inversago for up to 1.075 billion dollars in cash. (Source: © Martin Nordmark)")
:quality(80)/p7i.vogel.de/wcms/cf/01/cf01bc3bfac822636655f5e412d07f6c/0114195035.jpeg "Italvacuum's Multispray tray vacuum dryers stand out for their build quality. (Source: Italvacuum)")
:quality(80)/p7i.vogel.de/wcms/5a/60/5a604abb49a590391cdd090b9e9169eb/0112905206.jpeg "With the Multi-VAControl, users have a solution to control, monitor and synchronize pumps in central vacuum systems as well as in Roots pump systems. (Source: Leybold)")
:quality(80)/p7i.vogel.de/wcms/f4/59/f4590811df29d3890d1caa253db607c9/0112888466.jpeg "The new dry rotary vane vacuum pumps of the DVS series from Atlas Copco. (Source: Atlas Copco)")
:quality(80)/p7i.vogel.de/wcms/f7/e4/f7e463e7c7e79a38f57b00872adc49f8/0112785639.jpeg "The valves for H₂ technology made by Samson Pfeiffer are ready for shipment. (Source: Pfeiffer Chemie-Armaturenbau)")
:quality(80)/p7i.vogel.de/wcms/11/03/110380e109cc9d0c92b48da0bcc0263a/0113972976.jpeg "Concepts such as ‘water purification’ and ‘water treatment’ are adopted and implemented to meet different water requirements. (Source: ungvar - stock.adobe.com)")
:quality(80)/p7i.vogel.de/wcms/7a/ea/7aeae6e5af21c08080e4926756ad3146/0113985902.jpeg "The Jean-R-Marcotte wastewater treatment plant in Montreal, Quebec, Canada is one of the largest wastewater treatment plants in North America. (Source: Air Products)")
:quality(80)/p7i.vogel.de/wcms/61/f3/61f332eb9700b52158601a4183b160f4/0113184768.jpeg "Veolia’s scope includes a state-of-the-art process water system and a wastewater treatment plant. (Source; Pixabay)")
:quality(80)/p7i.vogel.de/wcms/f6/73/f67368893c723e018cd7df3fdee2698d/0113062724.jpeg "Under an international agreement, Schneider Electric will integrate Suez's digital Aquadvanced range of products into its water cycle management software, Ecostruxure Water Advisor. (Source: Pixabay)")
:quality(80)/p7i.vogel.de/wcms/0f/0a/0f0a177aeb05270d20ea77ecfbc13f3c/0114220617.jpeg "BHS-Sonthofen will showcase a new laboratory indexing filter, a compact version of the proven indexing belt filter at Powtech 203. (Source: BHS-Sonthofen )")
:quality(80)/p7i.vogel.de/wcms/f9/16/f916deed855c8b4ba9eb8588493ac55b/0113158240.jpeg "The stretch hood safely protects the palletized stacks from environmental influences. (Bild: Beumer Group)")
:quality(80)/p7i.vogel.de/wcms/6b/96/6b966eef012797ff6597b1d1c0c5670f/0112790159.jpeg "“Even older conveyor systems can be optimised at low cost.” Rieks Reyers, Dinnissen (Source: Dinnissen)")
![Can we return polymers to their primal state of short hydrocarbon molecules? Chemical recycling does just that — but it needs the correct technologies for the mixing of the raw materials. (Bild: Source: © Scisetti Alfio, maykal, BillionPhotos.com, tunedin, aryfahmed, gertrudda - stock.adobe.com; Ekato [M] Frank)](https://cdn1.vogel.de/i5R9yjfpD0bcs3nfbm5deC-y_s8=/288x162/smart/filters:format(jpg):quality(80)/p7i.vogel.de/wcms/cb/f0/cbf0e414789b3b153e95845d4c2a39ea/0110589787.jpeg "Can we return polymers to their primal state of short hydrocarbon molecules? Chemical recycling does just that — but it needs the correct technologies for the mixing of the raw materials. (Bild: Source: © Scisetti Alfio, maykal, BillionPhotos.com, tunedin, aryfahmed, gertrudda - stock.adobe.com; Ekato [M] Frank)")
:quality(80)/p7i.vogel.de/wcms/0e/f6/0ef68ea7c5ea68b684c0214dcfa16eb8/0114211816.jpeg "Lanzajet and Technip Energies will work together on announced Lanzajet projects in the United States, the United Kingdom, Europe, India, Australia, and New Zealand. (Source: Pixabay)")
:quality(80)/p7i.vogel.de/wcms/5b/71/5b716444dfdbb91e9cd9b1da4cb9b9c9/0114211224.jpeg "Dow continues to implement the use of alternative feedstocks using the mass balance approach. (Source: © The Dow Chemical Company)")
:quality(80)/p7i.vogel.de/wcms/a2/1c/a21c3def55eb6fb35994e4efa573c498/0114182117.jpeg "Toray Industries has signed an agreement with Honda Motor to jointly develop a chemical recycling technology for glass-fiber reinforced nylon 6 parts recovered from end-of-life vehicles. (Source: Pixabay)")
:quality(80)/p7i.vogel.de/wcms/1d/76/1d76f8822e6d6bffcd1fb493f2a397e9/0114088745.jpeg "The medium-term strategy and outlook will be discussed in detail at the Capital Markets Day in Visp on 17th October 2023. (Source: Lonza)")
:quality(80)/p7i.vogel.de/wcms/c9/79/c979a20b32395ddfa93fe7ead90578a0/0108386061.jpeg "Production residues, lime, salt and suspended solids quickly clog the pipes. (Source:©Tanakorn - stock.adobe.com)")
:quality(80)/p7i.vogel.de/wcms/9e/5c/9e5c92d942ed046a27562d6e3d730c92/0103483548.jpeg "It is almost ten metres high and extends over three floors: the world's first multiple dividing wall column is located in the new technical centre at the University of Ulm. (Bild: Eberhardt, kiz Universität Ulm)")
:quality(80)/images.vogel.de/vogelonline/bdb/1952700/1952707/original.jpg "(Vogel Buchverlag)")
:quality(80)/images.vogel.de/vogelonline/bdb/1878900/1878914/original.jpg "Steam traps ensure that condensate is drained from steam systems. Without them the heat transfer would quickly become inefficient. (Levaco)")
:quality(80)/p7i.vogel.de/wcms/08/af/08af0b650b9fe0757d6e2a1910b3cbf8/0113641252.jpeg "Under the SPA, BASF has agreed to purchase up to approximately 0.8 mtpa of LNG from Cheniere. (Source: BASF)")
:quality(80)/p7i.vogel.de/wcms/60/76/607623faaf746ac27a18e0b564a4c55b/0112691397.jpeg "The Frontfuel project is a first of a kind and will use carbon dioxide and renewable energy to produce a synthetic crude, to demonstrate the value chain of SAF, using Topsoe technology. (Source: FlemishDreams - stock.adobe.com)")
:quality(80)/p7i.vogel.de/wcms/12/58/1258acaabf4f1415a20299c724100a09/0112209173.jpeg "The doubling of SAF production at Grandpuits, bringing the site’s annual production capacity to 285,000 tons, i.e. almost double the capacity announced in 2020. (Source: Pixabay)")
:quality(80)/p7i.vogel.de/wcms/d0/a9/d0a9d0ad11c7b53ab148a0862a375872/0111574392.jpeg "Depending on the ethanol feedstock, SAF produced with the Honeywell UOP ETJ process can reduce GHG emissions by 80 % on a total lifecycle basis compared to petroleum-based jet fuel. (Source: Pixabay)")
:quality(80)/p7i.vogel.de/wcms/be/29/be2904f37d10bc9e7aec18acf2de0149/0105775931.jpeg "The FE CPS enables continuous direct compression with a slim system design and closed process unit. (Source: Fette Compacting)")
:quality(80)/p7i.vogel.de/wcms/ca/b3/cab36410951e1c9dd1a341181a2e2ec1/0106327019.jpeg "PSLoop is a big topic in Europe. The EPC engineering experts focus on recycling processes, that do not change the chemical structure of the polymer. (Bild: EPC Engineering & Technologies)")
:quality(80)/p7i.vogel.de/wcms/8d/2e/8d2e1d7dd94afa3e88bd9b2831f1faa5/0106258058.jpeg "Fast and safe implementation of Ethernet-APL field devices for the process industry is also possible without having to build up extensive specialist knowledge about Ethernet-APL. (Source: Softing Industrial Automation, Shutterstock)")
:quality(80)/p7i.vogel.de/wcms/ea/c0/eac0be6a02da723fb811d933d73ba9ec/0106256725.jpeg "Hamilton offers a complete portfolio of sensors to fit single-use bioreactors or bags for measurement of inline pH, dissolved oxygen (DO), cell density, and conductivity. (Source: Hamilton)")
Safety Integrated Systems Architecture Minimises Cybersecurity Threats
Related Vendors
:fill(fff,0)/images.vogel.de/vogelonline/companyimg/67000/67026/65.jpg "Logo.jpg ()")
:fill(fff,0)/images.vogel.de/vogelonline/companyimg/2000/2093/65.jpg "Glatt_Logo_ND4c-RGB (5x3cm).jpg ()")
:fill(fff,0)/p7i.vogel.de/companies/5f/98/5f98fbb2e7bf2/05-trm-filter-logo-with-slogan-en-alt.png "05_TRM_Filter_LOGO_with_slogan_EN_ALT.png (www.trm-filter.com)"){kind=logo}
Emerson’s Sergio Diaz, product marketing manager for safety systems, and Alexandre Peixoto, product marketing manager for cybersecurity, explain what factors need to be considered in creating defendable safety systems.
Creating a safe and secure automation process involves implementing a well-designed safety instrumented system (SIS) and basic process control system (BPCS). To increase protection from cyber threats, industry cybersecurity standards provide guidelines on how these systems should be connected and separated. These standards include IEC 61511, which is widely recognised as good practice when engineering SIS and which references the ISA/IEC 62443 series of standards and technical reports for guidance on implementing electronically secure industrial automation and control systems (IACS). In addition, government agencies and industry associations in major European countries provide guidance to help organisations improve cybersecurity.
A common requirement among these standards and guidelines is that the SIS and BPCS must be logically independent, no matter the degree to which they are physically linked. The International Society of Automation (ISA) guidelines require safety-critical assets to be logically or physically zoned away from non-safety-critical assets. The guidelines from the User Association of Automation Technology in Process Industries (Namur) define three zones that likewise must be logically separated (figure 1).
The core SIS consists of the components required to execute the safety function (logic solver, input/output [I/O] components, sensors and final elements). The extended SIS contains components of the safety system that are not required to execute the safety function (such as engineering workstations). Peripherals are components and systems such as the basic process control system (BPCS), which are not directly or indirectly assigned to an SIS, but they may be used in the context of a safety function. Safety functions might include a reset request from the BPCS or visualisation of the safety function in a human-machine interface.
Creating Defendable Safety Systems
At the start of a project design phase, organisations should work within these guidelines when selecting an SIS/BPCS architecture, to create a defendable safety system that meets their specific cybersecurity requirements. It should be remembered though that whilst SIS/BPCS architecture selection impacts the robustness of cybersecurity, the most important protections against cyber threats are the inherent cybersecurity of the SIS itself and the practices surrounding system operation.
SIS/BPCS Architectures
Generally, the automation industry refers to three SIS/BPCS architectures: separate (or air-gapped), interfaced, and integrated (or integrated-but-separate). Cybersecurity relies, in part, on multiple layers of protection surrounding the systems. These layers of protection can include tactics such as user account management, a comprehensive approach to prevent inadvertent malware infections, and embedded lock functionality in logic solvers.
Separate (or air-gapped) SIS
As the name indicates, a separate safety system is isolated from the BPCS (figure 2) and potentially from other systems. The SIS is not connected in any way – physically or over a wireless network – to the BPCS. This architecture offers no automated way for malware to move between the SIS and BPCS, but also lacks efficient data exchange between the systems, which is important at facilities that rely on continuous operations. Reliable facility operation and process performance also require updated equipment. However, in the separate architecture, those updates can be difficult because the SIS equipment is typically kept offline and therefore must be updated or maintained each time it is connected, introducing delays, security risks and inconvenience.
Interfaced SIS
In an interfaced architecture (figure 3), information is transmitted between the SIS and the BPCS via standard industrial protocols, such as Modbus TCP, OPC Data Access (OPC DA), or OPC Unified Architecture (OPC UA). Communication between the systems should be restricted to operation only. This architecture is most often chosen when an SIS is added to a legacy BPCS.
Creating links between the systems is complicated because the designer must find security options that fit the engineered solution and tailor them to the organisation’s requirements. Firewalls alone are not enough. Today’s cybersecurity standards typically demand weaving together additional options such as antivirus, whitelisting, user access control and more. It must be understood that typically there is more than one connection. In addition to the BPCS, the SIS frequently connects to an Asset Management System to manage field devices, historians and event collectors. Connections between the SIS and the external systems must be secured and each one requires secured access that will require personnel to manage multiple sets of hardware and software.
Integrated SIS (also known as integrated-but-separate)
In an integrated architecture (figure 4), the SIS and BPCS might be referred to as an Integrated Control and Safety System (ICSS), such as an integrated SIS and a distributed control system (DCS). The SIS and the BPCS can share the same engineering tools and operator environment. However, the systems’ safety logic must run on dedicated hardware. To maintain independence, the systems must have defendable paths and offer the ability to lock configurations.
When applied to a DCS, the integrated architecture provides fewer data entry points and is strongly defendable thanks to the innate protections designed into each of the systems. In fact, a coordinated cybersecurity approach in and around the ICSS makes the integrated SIS/BPCS architecture as defendable as the interfaced architecture — and in most cases more so. And because cybersecurity is embedded in the integrated approach, no extra outside implementation is required.
ARC Advisory Group states [1]: “While all three integration approaches have their merits, the integrated-but-separate approach will ultimately become the architecture of choice for many end users, since it offers the most potential to minimise common cybersecurity threats between the systems.”
Cybersecurity Considerations
Each of these architectures can be hardened, and each to some degree can fit unique organisational requirements based on cybersecurity policies, risk assessment, knowledge, and the number and availability of personnel. Three areas – protecting system entry points, building mitigating layers of defence, and assuring continued security throughout the facility’s lifecycle – help determine the short- and long-term cybersecurity strategy for SIS.
Protecting System Entry Points
In an integrated SIS/BPCS architecture, the points of entry into the SIS are significantly reduced because the SIS is nested within the protective layer of the BPCS. No other entry points to the core SIS exist except through the BPCS gateway or proxy. This architecture is potentially the strongest of the three for operational and engineering tasks because access is controlled from a single infrastructure and tasks such as maintaining updates to the SIS can be performed easily. In addition, operational and engineering tasks are efficient because maintenance to the SIS can be performed through the BPCS interface.
Mitigating Layers of Defence
Mitigating layers of defence around each system contain protection mechanisms to help diminish cyber-threats that could compromise a system. Multiple layers of protection bolster the strength against unauthorised access. The layers include enforcing individuals’ physical presence with the system interface to prevent remote cyber-attacks. Architectures use layers of defence that best suit their needs and deter potential risks. And to varying degrees, layers for each architecture assist or detract from the daily task of process control.
In an integrated SIS/BPCS architecture, the SIS is embedded within the BPCS, which means facilities do not need to duplicate all cybersecurity protections for the two systems. An integrated-but-separate approach uses some common cyber-protection layers for both systems, in addition to separate and dedicated cyber-protection layers for the SIS. The SIS still has its own specific cybersecurity features such as the logic solver lock functionality. Compromising the BPCS does not automatically compromise the SIS thanks to the defence-in-depth approach around the SIS. The defences should include secure, hardened communication protocols between the BPCS and SIS that are resistant to attack; network segmentation through a firewall to block unwanted communications; and elements that require physical presence to change the SIS configuration to protect against credential compromise.
Lifecycle Maintenance
Cybersecurity must be addressed as part of lifecycle maintenance costs. But maintenance can be more difficult depending on the chosen architecture and facility conditions. In general, the more tasks required to maintain a defendable system, the larger the number of personnel who are needed and the more time demanded. The goal, therefore, is to have the strongest defendable architecture maintained in the most achievable and efficient methods by the organisation.
A fully integrated control and safety system can be easier to maintain over the lifecycle of the systems because the SIS is wrapped in layers of defence, many of which also defend the BPCS. Teams managing integrated architecture have layers that help protect both systems at the same time. For example, although the SIS has some additional built-in protections specifically for the SIS, anti-virus is provided for the ICSS as one system – which can automatically manage updates. In addition to the ease in layers of defence, integrated diagnostics provide lifecycle maintenance simplicity. For example, SIS-related alerts from smart devices can be sent easily via the BPCS to maintenance personnel to signal potential sensor or final element issues.
Eliminating Weak Links
Engineered links among systems typically require extra countermeasures to ensure secure operation. To engineer these links means using additional – often open – protocols which, if engineered improperly, can ultimately increase potential points of failure or introduce cybersecurity vulnerabilities.
When a change is required to the SIS or BPCS, any related mapping in the engineered interface between the two systems might also need to be changed. If the initial project team is not available to perform the change and ensure its cybersecurity readiness, different personnel must make changes – running the risk of introducing more security vulnerabilities. However, in an integrated architecture there are typically mechanisms in place to automatically prevent the introduction of additional cybersecurity risks. Such architectures are unlikely to require an engineered link between the two systems. The integrated approach simplifies the connection between the two systems and maintains that connection across the lifecycle of the equipment.
Systems such as the Delta V DCS and Delta V SIS from Emerson can detect the source of any changes, detect corruption in packets, and automatically perform some validation on data moving from BPCS to SIS (and vice versa) to ensure changes are authentic. In the interfaced architecture approach, a similar validation can be created on an engineered link between two different systems, but it requires complicated and time-consuming effort that can be avoided.
Cybersecurity Updates
In an integrated SIS/BPCS architecture, personnel do not need to manage two sets of defence-in-depth architectures for two separate systems, so time is saved in security change management and in downtime. In a properly designed ICSS, some layers of protection are common, and some layers of protection are specific to the SIS – increasing its overall protection. Cybersecurity updates such as operating system patches or antivirus signature updates can be automatically performed without external or difficult-to-regulate communication methods that could jeopardise the cybersecurity of the SIS. Since cybersecurity updates apply to both systems and both are updated at the same time, conflicts between the two systems’ security are avoided entirely.
Security Considerations for Safety System Bypasses
Bypasses on a safety system are necessary for maintenance purposes, and the system should be able to handle bypass permits – preventing multiple bypasses on the same safety function and automatically removing bypasses if necessary. In addition to the protections provided at the SIS level, it is also helpful to provide visibility of active bypasses. With an integrated safety system, bypass notifications are easily accessible on the ICSS workstations without the need to configure or modify the interface to the BPCS. Multiple users can be notified in the event of a bypass being set and even receive a notification on a mobile device.
[1] – Arc 2016 report for Process Safety Systems: Global Market Research Study
* The authors work for Emerson
(ID:46883982)
:quality(80)/p7i.vogel.de/wcms/39/12/3912b2943d35777e05e0367bc81b6bdf/0105069554.jpeg "With the new version 3.1 of its Simatic PCS neo web-based process control system, Siemens shows how the challenges of long life cycles will be mastered in the future. (Source: Siemens)")
:quality(80)/p7i.vogel.de/wcms/3b/60/3b605642a596077f5df363f2ab06b515/0110089797.jpeg "In 2019, chemical companies Hexion and Momentive Performance Materials witnessed cyberattacks which prevented them to access certain Information Technology (IT) systems as well as data. (Source: 2ragon - stock.adobe.com)")