By Gregory Hale
Safety is evolving, and the days of the standalone system that remains as far away from the control system as possible are going away.
While at first glance it may seem easier to secure a standalone safety system, it really is not, said Tomas Lindstrom, BU cyber security manager at ABB, during his presentation “Implementing a safety and secure safety instrumented system in an integrated environment” at ABB Automation and Power World in Orlando, FL, Tuesday.
Security and safety do work hand in hand. While they may offer protection from opposite ends, the two are compatible. After all, security keeps machines safe from people, while safety keeps people safe from machines.
In the past, there was always the assumption that safety systems needed to be isolated, living in an air-gapped world. But when it comes to isolated units, Lindstrom said there is no such thing as an air gap.
</gre_replace>
<gr_replace lines="7" cat="clarify" orig="Lindstrom talked about the three">
Lindstrom described the three types of safety systems: the isolated system, the interfaced system and the integrated system.
“Even if you think your system is isolated, you are exposed to threats anyway. There is usually a path into the safety system. Isolation is not a security system.”
Lindstrom talked about the three types of safety systems, the isolated system, the interfaced system and the integrated system.
The interfaced system is essentially a safety system and control system united via some type of interface like a gateway or a bridge. That type of system does not have security designed in, Lindstrom said.
The integrated system, though, has security designed in from the beginning.
“You have an overview of the whole system,” he said. “An operator can work in one environment and make a decision by the operator much easier.”
But for an integrated system to stay secure, the end user needs to have undergone a risk assessment to know which areas need the most coverage, and needs both a solid security framework and a good defense in depth program.
Lindstrom also described the SD3 + C Security Framework, which covers:
• Secure by design
• Secure by default
• Secure in deployment
When it comes to a defense in depth plan, Lindstrom said they follow the ISA99, or IEC 62443-3-3, standard. He said there are four pillars he focuses on: the first is knowing who is about to do what, the second is protecting the system, the third is detecting problems and the fourth is managing system resources.
Protecting the system is all about integrity, data confidentiality and restricting data flow, Lindstrom said, while detecting problems is about situational awareness.
While an integrated safety system works alongside the control system, the two systems still differ: each has its own dedicated controller, so they remain separate systems on the same wire.