SIS secure architecture
We have discussed ICS architecture and examples of incidents (such as the 2017 TRISIS attack) that primarily targeted the SIS. This prompted asset owners, operators, and suppliers to reconsider and reevaluate how safety functions can be better protected and to closely consider how information could be safely exchanged between BPCSs and SISs. This resulted in a few architecture options being initiated, driven by the User Association of Automation Technology in Process Industries (NAMUR) and the International Society of Automation (ISA).
Neither of the standards for either cybersecurity or functional safety prescribe a necessary architecture for an SIS. Thus, it is up to the user to determine the optimal configuration to secure the BPCS from the SIS, in terms of both logical and physical separation. As a consequence, there are three principal ways in which SIS networks can be laid out:
- A completely separated, air-gapped system
- An interfaced SIS...
