Abstract
With the promise of a synergistic impact on the Efficiency-Thoroughness Trade-Off, Marketing is increasingly promoting types of Industrial Control Systems (ICS) that by some means combine the two usually segregated core ICS functions into one. A Basic Process Control System (BPCS) is combined with a Safety-Instrumented System (SIS) in a physically integrated form factor using shared resources of some kind. This paper suggests such a strategic choice of technology can result in functional safety (FS) hazards or security vulnerabilities, giving rise to resilience concerns. It takes a skeptical view of such an approach and instead proposes strict segregation of such functions and resources. In the context of critical national infrastructure (CNI), where potentially high consequence events (HCE) may arise from unplanned incidents, the outcome of this paper is to warn against the use of such architecture - even beyond that arena. Both ancient and modern, yet similarly strategic, historical decisions are used as metaphors to illustrate how sometimes insufficiently scrutinised technologies can be later regretted. Practical technical, organisational, and cultural measures are offered to steer against the headwind of commercial pressures in promoting integrated FS and security of the BPCS-SIS environment. A contribution is made of evidence-based, business intelligence gathering measures for BPCS-SIS vendor selection together with a proposal for an alternative, adopted application of proven Uncertainty Assessment Reporting techniques for industrial certification bodies and business stakeholders alike.
Original language | English |
---|---|
Article number | 100535 |
Number of pages | 8 |
Journal | International Journal of Critical Infrastructure Protection |
Volume | 38 |
Issue number | 00 |
Early online date | 20 May 2022 |
DOIs | |
Publication status | E-pub ahead of print - 20 May 2022 |
Keywords
- Industrial control systems
- security
- safety
- complexity
- interdependence
- integration