The inevitability of functional safety embracing cybersecurity risk

Guest blog by Nigel Stanley (Chief Technology Officer – Operational Technology and Industrial Cybersecurity CoE) – TÜV Rheinland (Risktec Solutions Ltd.)

Most people would agree that we are now at the start of the fourth (4.0) industrial revolution, also known as the current trend of automation and data exchange. The traditional slower pace of industry is now swept up in frenetic technology advances that are normally associated with information technology products and services.

The world of functional safety has enjoyed a well-defined, deterministic way of measuring and dealing with risk. Cybersecurity risk, on the other hand, is anarchic, volatile and constantly changing to present new threats on a second-by-second basis. Embracing Industry 4.0 inevitably means embracing the challenge of cybersecurity risk.

Considering both worlds together

As the fourth industrial revolution gains more momentum, there is increasing need to consider together the often disparate worlds of functional safety and cybersecurity when assessing industrial processing, Operational Technology (OT) protection & control systems, Internet of Things (IoT) and Industrial Internet of Things (IIoT) enabled equipment.

No longer can a process or piece of hardware be considered completely ‘safe’, in the traditional meaning of the word, if it makes use of computer or internet-based technology. Functional safety has got to consider the non-deterministic risks related to cybersecurity and embrace this new way of thinking.

Standards that offer a structured approach to manage functional safety and cybersecurity

Standards are starting to emerge and develop in the form of IEC 62443 and IEC 61508. These standards offer a structured approach that allows industrial automation operators, vendors and system integrators to manage functional safety and cybersecurity all together, in a proportionate and cost-effective manner.

Learn how to integrate both worlds

On the 28th of March 2018, CGE and Risktec Solutions Ltd. are organizing the Integrated approach to safety and security event in London. This event is free of charge and will provide you with the opportunity to learn how safety and security can be jointly assessed and any conflicts resolved. You will also learn what role bowtie analysis can play to realize the vision of integrated safety and security.

2018-03-14T11:57:01+00:00 Blog, Cyber security|

Leave A Comment