The safe and secure operation of critical infrastructure depends on building appropriate responses to safety, security, and operational priorities into integrated control and safety systems (ICSS), at the design stage and throughout the life of the system. Digitization and networked automation and control infrastructures have expanded in recent years, bringing considerable potential security risks. News of serious security incidents with worldwide impact, such as the WannaCry ransomware, is heard more often. The objective of this paper is to develop an integrated and optimised evaluation framework for ICSS and related subsystems that considers both cybersecurity and safety. This can be achieved by aligning the cybersecurity framework formulated by the National Institute of Standards and Technology with the safety and security standards ISA84 (IEC 61511) and ISA99 (IEC 62443), and the novel funnel risk graph method. The need for such alignment between safety and security has been recognized by the research community, the industry, and the International Society of Automation (ISA).