This website uses cookies primarily for visitor analytics. Certain pages will ask you to fill in contact details to receive additional information. On these pages you have the option of having the site log your details for future visits. Indicating you want the site to remember your details will place a cookie on your device. To view our full cookie policy, please click here. You can also view it at any time by going to our Contact Us page.

Baseefa Ltd

Hazardex 2019 Conference Presentations - Cybersecurity Risk Assessment: A Semi-Quantitative Approach for SIF

Author : Harvey T. Dearden, Engineering Director, HTS Engineering Group Ltd.

20 November 2018

The ISA standard employs the notion of security levels (SL 1-4); the clear temptation is to expect direct correspondence with safety integrity levels (SIL), but there is no such direct correspondence between SL and SIL.  The SL are so defined that they can identify a target requirement (SL=T) for comparison with equipment capability SL-C and the achieved security level (SL-A). 

The SLs have a notional correspondence with the degree of sophistication and determination associated with possible attacks.

This presentation describes an approach in which we can:

• assign a likelihood of an attack at any given security level as a function of the attractiveness of the target operation,

• establish a risk tolerability calibration, and

• determine SL targets on a quantitative basis from the PFD/PFH targets for the safety instrumented functions.

Consideration is given to the potential for common cause attacks on Safety Instrumented Functions and otherwise Independent Protection Layers by examining the co-incidence of these functions within the identified security zones on the zone and conduit drawing.

It also offers some thoughts on tolerable cybersecurity risk calibration in respect of non-safety business disruption impacts.

Given the nature of cybersecurity, significant uncertainty remains but the technique allows a coherent approach to risk assessment to promote proportionate investment in defence.

--

Harvey T. Dearden (BSc CEng FIET FIMechE FInstMC FIChemE) is Engineering Director of HTS Engineering Group and a director of SISSuite Ltd. and Time Domain Solutions Ltd.

He is actively involved with the Institute of Measurement & Control and specialties include: Implementation of IEC61508/61511 (SIL), DSEAR/ATEX; Development/troubleshooting of control systems/strategies; Development of engineering management policy/procedures; Auditing of fiscal measurement systems and Training on control/measurement/protection systems

He previously held senior engineering positions at Great Lakes Chemical, Associated Octel Company, Costain Oil and Gas & Process Ltd


Contact Details and Archive...

Print this page | E-mail this page