Abstract
Abstract
Process plants, including oil and gas production facilities, need to be protected against physical consequences generated from cyber-attack. While a lot of effort has been placed on securing the computer systems themselves, the design of the facility is often ignored, but is the most important component of the defense against cyber-attack. It is possible to build plants that are inherently safe against cyber-attack by designing in systems and safeguards - such as relief valves and current overload relays - that are not vulnerable to this threat vector.
This paper will review the most common methods for process hazards analysis (PHA) of process industry plants, and then supplement those methods with a "cyber review". The purpose of the cyber review is to determine if there are any cyber-attack vectors that can cause significant physical damage to the facility, and if so, make recommendations for modifying one or more of the safeguards in a cyber-vulnerable vector so that they are not vulnerable to cyber-attack.
The approach that will be discussed includes analysis of the causes of safety incidents, the safeguards that prevent the causes from resulting in consequences, and the magnitude of the consequences that might result from the realization of these hazards. The discussion will include a case study from the oil and gas industry where a Hazards and Operability (HAZOP) study was assessed using a PHA cyber review in order to determine whether or not the facility was inherently cyber-safe, and if not, make recommendations for design modifications that would make the facility cyber-safe.
Cited by
1 articles.
订阅此论文施引文献
订阅此论文施引文献,注册后可以免费订阅5篇论文的施引文献,订阅后可以查看论文全部施引文献
1. Analysis Techniques;Springer Series in Reliability Engineering;2019-09-12