论文信息 - Secure remote access to autonomous safety systems: A good practice approach

Secure remote access to autonomous safety systems: A good practice approach

Safety instrumented systems (SIS) as defined in IEC 61508 and IEC 61511 are very important for the safety of offshore oil and natural gas installations. Partly as a consequence of the evolving 'integrated operations' concept, a need is emerging for remote access to such systems from vendors external to the operating company. This access will pass through a number of IP-based networks used for other purposes, including the open internet. This raises a number of security issues, ultimately threatening the safety integrity of SIS. In this article, we present a layered network architecture that represents current good practice for a solution to ensure secure remote access to SIS. Also, a method for assessing whether a given solution for remote access to SIS is acceptable is described.

[1] 日本規格協会. 情報技術-セキュリティ技術-情報セキュリティマネジメントシステム-要求事項 : 国際規格ISO/IEC 27001 = Information technology-Security techniques-Information security management systems-Requirements : ISO/IEC 27001 , 2005 .

[2] Erwin Schoitsch. Design for Safety and Security of Complex Embedded Systems: A Unified Approach , 2005 .

[3] T. O. Grötan,et al. THE INFLUENCE ON ORGANIZATIONAL ACCIDENT RISK BY INTEGRATED OPERATIONS IN THE PETROLEUM INDUSTRY , 2010 .

[4] M. Naedele,et al. Standardizing industrial IT security - a first look at the IEC approach , 2005, 2005 IEEE Conference on Emerging Technologies and Factory Automation.

[5] Enrico Zio,et al. Safety and reliability for managing risk : proceedings of the European Safety and Reliability Conference 2006 (ESREL 2006), Estoril, Portugal, 18-22 September, 2006 , 2006 .

[6] Timothy Grance,et al. Guide to Supervisory Control and Data Acquisition (SCADA) and Other Industrial Control System Security , 2006 .