Tytuł artykułu
Autorzy
Treść / Zawartość
Pełne teksty:
Identyfikatory
Warianty tytułu
Języki publikacji
Abstrakty
This article addresses an integrated safety and security analysis approach of hazardous industrial plants and systems of critical infrastructure. Nowadays due to new hazards that emerge there are opinions among experts that these issues require an integrated approach in life cycle, from the design concept, through the design and operation of the plant, to its decommissioning. It is proposed to start from an interesting methodology known as the security vulnerability analysis (SVA) developed for hazardous plants of chemical industry. It is based on rings of protection concept to secure widely understood assets. This concept seems to be compatible with layer of protection analysis (LOPA), which is consistent with functional safety concept of the control and protection systems including cyber security aspects. It is outlined how to use these approaches in an integrated way for safety and security analysis of hazardous industrial plants and systems of critical infrastructure.
Rocznik
Tom
Strony
31--46
Opis fizyczny
Bibliogr. 28 poz., rys., tab.
Twórcy
autor
- Gdańsk University of Technology, Gdańsk, Poland
autor
- Gdańsk University of Technology, Gdańsk, Poland
autor
- Gdańsk University of Technology, Gdańsk, Poland
Bibliografia
- [1] API (2005). Security Guidelines for the Petroleum Industry. American Petroleum Institute, Washington.
- [2] Białas, A. (2007). Advanced IT Security Development Process - through Enhancement of IT Security Development Process to better Assurance. In: Functional safety management in critical systems (Ed. K.T.Kosmowski). Fundacja Rozwoju Uniwersytetu Gdańskiego, Gdańsk.
- [3] Białas, A. (2008). Semiformal Common Criteria Compliant IT Security Development Framework. Studia Informatica, Silesian University of Technology Press, Gliwice.
- [4] Brinkman, B., et al. (2015). Regulation of Physical Security for the Electric Distribution System. California Public Utility Commission.
- [5] Cambacédès, L. P. & Chaudetb, C. (2010). The SEMA referential framework: Avoiding ambiguities in the terms “security” and “safety”. International Journal of Critical Infrastructure Protection 3 (55-66).
- [6] Dołęga, W. (2011). The role of distribution system operator in the context of energy security – the case of Poland, Przegląd Elektrotechniczny (Electrical Review) 2 (57-60).
- [7] ENISA (2012). Smart Grid Security: Recommendations for Europe and Member States. European Network and Information Security Agency.
- [8] Guidance on the Treatment of Uncertainties Associated with PRAs in Risk-Informed Decision Making (2009), Office of NRR, NUREG-1855, Vol. 1, US NRC.
- [9] Holmgren, A. J. (2006). A Framework for Vulnerability Assessment of Electric Power Systems. Division of Safety Research, Royal Institute of Technology. KTH Sweden.
- [10] IAEA INSAG24 (2010). The Interface Between Safety and Security at Nuclear Power Plants. International Atomic Energy Agency, Vienna.
- [11] IEC 61508 (2010). Functional Safety of Electrical/ Electronic/ Programmable Electronic Safety-Related Systems, Parts 1-7. International Electrotechnical Commission. Geneva.
- [12] IEC 61511 (2014). Functional safety: Safety Instrumented Systems for the Process Industry Sector. Parts 1-3. International Electrotechnical Commission, Geneva.
- [13] IEC 62443 (2008-2013). Network and system security for industrial-process measurement and control. Parts 1-12, International Electrotech-nical Commission. Geneva.
- [14] ISO/IEC15408 (1999). Information Technology. Security Techniques. Evaluation Criteria.
- [15] ISO/IEC 27001 (2005). Information technology. Security techniques. Information security management systems. Requirements.
- [16] Kisner, R. A., et al. (2010). Cybersecurity through Real-Time Distributed Control Systems. Oak Ridge National Laboratory, ORNL/TM-2010/30.
- [17] Klimburg, A. (Ed.) (2012). National Cyber Security: Framework Manual. NATO Cooperative Cyber Defence Centre of Excellence (NATO CCD COE), Tallinn.
- [18] Kosmowski, K. T., Śliwiński, M. & Barnert, T. (2006). Functional safety and security assessment of the control and protection systems. ESREL2006, Estoril. Taylor & Francis Group, London.
- [19] Kosmowski, K. T., Śliwiński, M., Barnert, T. & Porzeziński, M. (2012). Functional Safety Assessment within the Risk Informed Decision Making Process. Joint PSAM 11 & ESREL 2012 Conference, Helsinki.
- [20] Kosmowski, K. T. (2013). Functional safety and reliability analysis methodology for hazardous industrial plants. Gdańsk University of Technology Publishers.
- [21] Lewis, T.G. (2006). Critical Infrastructure Protection in Homeland Security: Defending a Networked Nation. Wiley-InterScience, John Wiley & Sons, Hoboken.
- [22] LOPA (2001), Layer of Protection Analysis, Simplified Process Risk Assessment. Center for Chemical Process Safety. American Institute of Chemical Engineers, New York.
- [23] OECD/IFP (2011). Project on Future Global Shocks. Reducing Systemic Cybersecurity Risk. IFP/ WKP/ FGS.
- [24] Radvanovsky, R. (2006). Critical Infrastructure: Homeland Security and Emergency Preparedness. Taylor & Francis Group, London.
- [25] SINTEF SeSa (2007). The SeSa Method for Assessing Secure Remote Access to Safety Instrumented Systems. SINTEF A1626.
- [26] Stouffer, K., Falco, J., Scarfone, K. (2013). Guide to Industrial Control Systems (ICS) Security. Recommendations of the National Institute of Standards and Technology. NIST Special Publication, 800-82.
- [27] SVA (2003). Guidelines for Analyzing and Managing the Security Vulnerabilities of Fixed Chemical Sites. Center for Chemical Process Safety of the American Institute of Chemical Engineers, New York.
- [28] Wang, W. & Lu, Z. (2013). Cyber security in the Smart Grid: Survey and challenges. Computer Networks 57, 1344-1371.
Typ dokumentu
Bibliografia
Identyfikator YADDA
bwmeta1.element.baztech-492ba79c-301e-4b06-ba0e-a6dc46b9d49e