Integrating safety requires attention to cyber security issues as well

Safety instrumented systems (SIS) demand integrator skills significantly more advanced than those required for the usual PLC project. A system integrator must be able to deliver a system proven to meet client requirements for the safety integrity level (SIL) of each safety instrumented function (SIF).

07/06/2010


Robust security systems that include defense-in-depth firewalls are increasingly more critical to ensuring the safe operation of automated machinery and industrial control systems. (Source: Invensys Operations Management)Safety instrumented systems (SIS) demand integrator skills significantly more advanced than those required for the usual PLC project. A system integrator must be able to deliver a system proven to meet client requirements for the safety integrity level (SIL) of each safety instrumented function (SIF). The integrator must also demonstrate the competency and qualifications to do SIS work.

The expertise required can extend far beyond just knowing how to program a SIS. For example, most safety systems need to have their communications functions integrated into the DCS communications infrastructure safely and securely. To do this, a system integrator must have the competency to configure and deploy the communications capabilities of the SIS and DCS.

Many integrators have some experience in this area because past projects have required them to set up communications to other intelligent systems at both the PLC level and the HMI level. Open standards like OPC Classic make it possible for integrators to work with a standard protocol that gives them greater flexibility. However, implementing via standards always involves certain risks.

Today’s projects also require system integrators to harden the communications integration by providing highly secure and robust systems. Cyber security is increasingly critical for maintaining control and safety integrity and for ensuring both communications security and integrity. Without it an integrator could deliver a system that could potentially experience a loss of view, or, worse, a loss of real-time data between the SIS and the DCS they are integrating. Meeting this challenge requires systems integrators to leverage the cyber security features of SIS and DCS, develop new tools, and develop new skill sets.

Leveraging cyber security features

In some cases, the systems integrator must work with the systems that are in place; in others, they might be involved in the selection of such systems. Systems must have communications and security solutions that are flexible enough to collaborate with a variety of third-party DCSs and easy enough to deploy so that the integrator can deliver the safety functions the client needs. It is also important that SIS functions are partitioned appropriately from the DCS functions so that a loss of communications or integrity will not prevent the safety system from performing its designed function, which is to keep the processes that require protection in a safe state.

Some SIS systems also self-police communications access. In one case, Invensys Operations Management (www.iom.invensys.com) collaborated with Byres Security (www.tofinosecurity.com), a cyber security firm, to add an OPC firewall to its Tricon Communications Modules (TCM). The firewall enabled a layer of defense-in-depth that lets systems integrators enjoy the flexibility and integration benefit of OPC Classic without worrying about security systems that have in the past been associated with DCOM-based systems.

“Past plant shutdowns, for example, haven’t been caused by hackers. Instead they were the result of badly configured software causing traffic storms that impacted critical controllers and other systems,” said Eric Byres, security expert and technical officer at Byres Security. “A reliable OPC firewall means that in addition to blocking hackers and viruses from accessing the safety system, integrators can deliver dynamic port management and built-in traffic-rate controls to prevent many basic network problems from spreading throughout a plant.”

The right tools

Sometimes meeting a client’s needs requires developing tools to augment vendor-supplied functionality. For example, Trinity Systems, a U.K.-based system integration firm experienced in safety systems integration, developed a remote viewer that takes advantage of the communications security features of the Triconex TCM and Triconex Firewall. The viewer allows the end user to have a simple and reasonably priced window into the SIS from the business or primary control networks, while the Triconex Tofino Firewall and the Triconex Communication Module’s on-board User Access Security Model ensures that it is a read-only window that can never impact the safety functionality. This combination of OPC-based accessibility with true defense-in-depth security lets Trinity provide cost-effective and secure access that would not have been possible even a year ago.

“Processors and manufacturers are continuously threatened by new and increasingly dangerous cyber attacks, which requires greater vigilance and security,” said Joe Scalia, portfolio architect, Invensys Operations Management. “An OPC firewall mitigates those risks by managing the traffic to and from the communications module, providing further assurance that a cyber incursion will not compromise integrated communications between the safety and critical control systems and supervisory HMI or distributed control systems.”

The right skills

Implementing the HMI portions of a safety system competently is also critical to securing communications between the SIS and the DCS. Communications integrity, including cybersecurity, must be ensured so that safety-based actions such as reads from the HMI to the safety system can be executed securely and without interruption.

Systems integrators today must be adept at securing transmission of controller real-time data and standard operating environment information as well as at adjusting control strategy parameters online, with full sensitivity to other system-based activities such as bypass management, SIL monitoring, safety alarm annunciation, and remote system diagnostics. In all of these, guaranteed viability of the communications capabilities ensures no loss of view or loss of data for the user.

More manufacturers seek to reduce costs by integrating safety and control systems. Opportunities abound for systems integrators who can meet these needs. Those who understand the cyber security features of control and safety systems, who develop tools to improve this integration, and who develop the right visualization and interoperability management competencies, will deliver their clients reliable and secure safety systems for the least cost.

Read more.

- Control Engineering Industrial Cyber Security blog;

- Automation cyber security research from Control Engineering; and

- Tofino security device.

- Neil Crompton is managing director, Trinity Systems Ltd.,  www.trinitysystems.com.



No comments
The Top Plant program honors outstanding manufacturing facilities in North America. View the 2015 Top Plant.
The Product of the Year program recognizes products newly released in the manufacturing industries.
The Engineering Leaders Under 40 program identifies and gives recognition to young engineers who...
Your leaks start here: Take a disciplined approach with your hydraulic system; U.S. presence at Hannover Messe a rousing success
Hannover Messe 2016: Taking hold of the future - Partner Country status spotlights U.S. manufacturing; Honoring manufacturing excellence: The 2015 Product of the Year Winners
Inside IIoT: How technology, strategy can improve your operation; Dry media or web scrubber?; Six steps to design a PM program
Getting to the bottom of subsea repairs: Older pipelines need more attention, and operators need a repair strategy; OTC preview; Offshore production difficult - and crucial
Digital oilfields: Integrated HMI/SCADA systems enable smarter data acquisition; Real-world impact of simulation; Electric actuator technology prospers in production fields
Special report: U.S. natural gas; LNG transport technologies evolve to meet market demand; Understanding new methane regulations; Predictive maintenance for gas pipeline compressors
Warehouse winter comfort: The HTHV solution; Cooling with natural gas; Plastics industry booming
Managing automation upgrades, retrofits; Making technical, business sense; Ensuring network cyber security
Designing generator systems; Using online commissioning tools; Selective coordination best practices

Annual Salary Survey

Before the calendar turned, 2016 already had the makings of a pivotal year for manufacturing, and for the world.

There were the big events for the year, including the United States as Partner Country at Hannover Messe in April and the 2016 International Manufacturing Technology Show in Chicago in September. There's also the matter of the U.S. presidential elections in November, which promise to shape policy in manufacturing for years to come.

But the year started with global economic turmoil, as a slowdown in Chinese manufacturing triggered a worldwide stock hiccup that sent values plummeting. The continued plunge in world oil prices has resulted in a slowdown in exploration and, by extension, the manufacture of exploration equipment.

Read more: 2015 Salary Survey

Maintenance and reliability tips and best practices from the maintenance and reliability coaches at Allied Reliability Group.
The One Voice for Manufacturing blog reports on federal public policy issues impacting the manufacturing sector. One Voice is a joint effort by the National Tooling and Machining...
The Society for Maintenance and Reliability Professionals an organization devoted...
Join this ongoing discussion of machine guarding topics, including solutions assessments, regulatory compliance, gap analysis...
IMS Research, recently acquired by IHS Inc., is a leading independent supplier of market research and consultancy to the global electronics industry.
Maintenance is not optional in manufacturing. It’s a profit center, driving productivity and uptime while reducing overall repair costs.
The Lachance on CMMS blog is about current maintenance topics. Blogger Paul Lachance is president and chief technology officer for Smartware Group.
This article collection contains several articles on the vital role that compressed air plays in manufacturing plants.
This article collection contains several articles on the Industrial Internet of Things (IIoT) and how it is transforming manufacturing.
This article collection contains several articles on strategic maintenance and understanding all the parts of your plant.
click me