Automation architectures extend beyond the instrumentation and control systems to safety instrumented systems, asset management systems, manufacturing execution systems, and more. All these systems and devices must be considered in managing strong cyber defenses.
In an Industrial Safety and Security Source article, Considerations in Choosing a Defendable Safety System Architecture, Emerson’s Sergio Diaz and Alexandre Peixoto focus on the basic process control system (BPCS) and safety instrumented system (SIS). They compare various architectures from a cybersecurity perspective.
Sergio and Alexandre open highlighting some of the relevant safety standards.
International Society of Automation (ISA) guidelines require that, among other things, safety-critical assets be logically or physically zoned away from non-safety-critical assets. The guidelines from the User Association of Automation Technology in Process Industries (NAMUR) define three zones that likewise must be logically separated.
They describe the 3 basic types of BPCS/SIS architectures:
…separate (or air-gapped), interfaced, and integrated but separate. Each has degrees of connection and security options.
Separate means the:
…SIS is not connected in any way — physically or over a wireless network — to the BPCS. This architecture offers no automated way for malware or data to move between systems.
In an interfaced architecture:
…information is transmitted between the SIS and the BPCS via standard industrial protocols, such as Modbus TCP, OPC Data Access (OPC DA), or OPC Unified Architecture (OPC UA). Communication between the systems should be restricted to operation only.
For an integrated yet separate architecture, the:
…SIS and the BPCS can share the same engineering tools and operator environment. However, the systems’ safety logic must run on dedicated hardware.
Separate yet integrated architecture
Cybersecurity considerations for each architecture include:
…protecting system entry points, building mitigating layers of defense, and assuring continued security throughout the facility’s lifecycle… [These] help determine the short- and long-term cybersecurity strategy for SIS.
Read the article as Sergio and Alexandre identify strengths and weaknesses of each of these 3 consideration areas against the 3 BPCS/SIS architectures. While it may seem intuitive that a fully air-gapped SIS would be the most secure, this may not be the case.
Visit the Cybersecurity for DeltaV Systems section on Emerson.com for more on the strategy, tools and solutions to maintain robust cyber defenses for your automation architecture. You can also connect and interact with other control, safety & cybersecurity experts in the Control & Safety Systems group in the Emerson Exchange 365 community.
The post Cybersecurity Considerations for Automation Architectures appeared first on the Emerson Automation Experts blog.
This is the official online community site of the Emerson Global Users Exchange, a forum for the free exchange of non-proprietary information among the global user community of all Emerson Automation Solution's products and services. Our goal is to improve the efficiency and use of automation systems and solutions employed at members’ facilities by sharing our knowledge, experiences, and application information.
User Groups |
World Areas |
Community Guidelines |
Legal Information |
Contact Community Manager
Website translation provided by
© 2015-2020 Emerson Global Users Exchange. All rights reserved.