In 2017, a Middle Eastern petrochemical facility had the unfortunate distinction of being the first known victim of malware specifically targeted at process safety systems. Thanks to TRITON, the oil and gas industry became ground zero for the convergence of safety-instrumented-system process safety and inductrial-control-system (ICS) cybersecurity. Suddenly, the relatively obscure world of process safety systems, which had never seriously been considered a cyber vulnerability, was in the spotlight.
Process safety systems are designed to be safe but not necessarily cyber-secure. The oil and gas industry, from upstream applications, such as oilfields and offshore platforms, to downstream applications, such as refining and petrochemicals, have the largest installed base of process safety systems by a wide margin and thus are most at risk.
The TRITON/TRISIS/HatMan malware incident proved that the worlds of process safety and industrial control systems should be looked at holistically, not just from the standpoint of potential cyberthreats. This requires a unified approach to monitoring control system and process safety assets and applying the large body of knowledge that exists in the process safety domain to the world of ICS cybersecurity.
In the Land of Undocumented Devices
Process safety systems are often the last line of defense between an abnormal situation in a refinery or petrochemical plant and a plant incident. Plant incidents can range from the relatively minor to large-scale explosions and fires that have claimed hundreds of lives at process plants and their surrounding communities. In the event of an abnormal situation, the safety system trips and either shuts down the plant or brings it to an otherwise safe state.
The cybersecurity community frequently refers to process safety controllers as “undocumented devices” because they typically exist separately from the more common industrial control or distributed control systems that handle the bulk of plant control applications.
Process safety systems aren’t the only systems that fall under this category. There are untold numbers of installed compressor control systems, burner management systems, storage terminal automation systems, and other ancillary systems that exist outside the realm of higher profile ICS systems. All of these control critical applications in industrial plants but have not received much attention when it comes to cybersecurity.
Read the full story here.
Don't miss our latest HSE content, delivered to your inbox twice monthly. Sign up for the HSE Now newsletter. If you are not logged in, you will receive a confirmation email that you will need to click on to confirm you want to receive the newsletter.
11 - 12 Nov 2019
- Golden, Colorado
Engage with experts and attendees to better understand and enhance the best HSE practices for well completions
11 - 13 Nov 2019
- San Antonio, Texas, USA
Get up to date with the latest developments
18 - 19 Nov 2019
- Brisbane, Australia
Expanding Unconventionals - Making it Happen. Providing new perspectives in optimising unconventional resources
18 - 20 Nov 2019
- Islamabad, Pakistan
Reserve your place today!
19 - 21 Nov 2019
- Banff, Alberta, Canada
Plan your attendance today at this symposium
11 - 12 Sep 2019
- Abu Dhabi, UAE
Reserve your place
11 - 12 Sep 2019
- Bakersfield, California, USA
Combine engineering with computer programming in this 2-day course
HSE Now is a source for news and technical information affecting the health, safety, security, environment, and social responsibility discipline of the upstream oil and gas industry.
©2003-2019 Society of Petroleum Engineers, All Rights Reserved.