Assessing Cybersecurity Risks for ICS/OT as a Part of Process Safety Management
Updated: Oct 17
The number of attacks targeting industrial control systems (ICS) and operational technology (OT) systems has been escalating worldwide. From 2019 to 2023, the volume of such attacks has nearly doubled each year, and the range of threat actors targeting ICS/OT environments and critical infrastructure has widened with it. This growing threat makes the management of cybersecurity risks an integral part of process safety management for operators of safety-critical and complex process plants, such as refineries, oil platforms, and chemical plants. Addressing cybersecurity hazards is especially critical when considering functional safety requirements for safety instrumented systems (SIS) and adhering to standards such as IEC 61508/IEC 61511, IEC 62443, or the NIST Cybersecurity Framework.
Integrating Cybersecurity into Process Safety
Process Safety Management (PSM) is a fundamental responsibility for operators of safety-critical and complex process plants. In the event of a major accident, such as an explosion, fire, or toxic release, the consequences can be catastrophic, leading to loss of life, environmental damage, and severe financial loss. Historically, process safety management focused on hazards stemming from equipment failure, human error, or control system malfunctions—whether during the design or operational phases.
However, the rise of digitalization, the emergence of more sophisticated threat actors, and increased geopolitical tensions have introduced new challenges to process safety in the form of cyber-related risks. These new risks demand a holistic approach where ICS/OT-related security threats are integrated into the conventional technical and process safety management frameworks. Such an approach is particularly vital when addressing functional safety requirements for SIS and adhering to standards like IEC 61511.
Cybersecurity Risk Assessment (CSRA)
A Cybersecurity Risk Assessment (CSRA) is one of the most crucial activities in integrating cybersecurity into process safety. Typically conducted as a structured, multidisciplinary workshop, CSRA bears similarities to other hazard identification workshops in process safety management. The assessment starts by defining clear system boundaries, followed by dividing the system into logical subsystems based on architecture, topology, security policies, and other relevant factors.
During the risk assessment workshop, a customized set of guidewords and parameters is used to facilitate brainstorming and hazard identification. These guidewords are designed to identify various cybersecurity threats, such as unauthorized access, manipulation of SIS components, malicious software, supply chain vulnerabilities, obsolescence, and organizational or competence-related vulnerabilities.
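The workshop structure just described (a defined system boundary, a split into logical subsystems, and a fixed guideword set applied to each one) can be captured as a small risk register so that coverage gaps and follow-up actions stay traceable. The script below is an added example written for this article, not a tool from the original text or from any standard; the subsystems, zones, threats, the 5x5 likelihood/consequence scheme and its ranking thresholds are constructed assumptions for illustration only.

```python
"""Guideword-driven cybersecurity risk register for an ICS/OT system.

Added example, not from the article. Subsystems, guidewords, threats and the
5x5 ranking thresholds are constructed assumptions, not values from IEC 62443,
IEC 61511 or any real plant.
"""
from dataclasses import dataclass, field
from itertools import product

# Guidewords the workshop applies to every subsystem (constructed list,
# modelled on the threat classes named in the article).
GUIDEWORDS = (
    "unauthorized access",
    "manipulation of SIS components",
    "malicious software",
    "supply chain vulnerability",
    "obsolescence",
    "organizational/competence gap",
)

# Ranking thresholds on likelihood * consequence (assumed 5x5 scheme).
HIGH, MEDIUM = 15, 8


@dataclass(frozen=True)
class Subsystem:
    """A logical subsystem inside the assessed system boundary."""
    name: str
    zone: str           # logical zone derived from architecture/topology
    sis_related: bool   # hosts, programs or can otherwise influence the SIS


@dataclass
class Finding:
    """One workshop record: a threat identified for (subsystem, guideword)."""
    subsystem: Subsystem
    guideword: str
    threat: str
    likelihood: int     # 1 (remote) .. 5 (frequent)
    consequence: int    # 1 (negligible) .. 5 (major accident)
    safeguards: list = field(default_factory=list)

    def __post_init__(self):
        # Reject records that would silently distort the ranking.
        if not (1 <= self.likelihood <= 5 and 1 <= self.consequence <= 5):
            raise ValueError("likelihood and consequence must be 1..5")
        if self.guideword not in GUIDEWORDS:
            raise ValueError(f"unknown guideword: {self.guideword}")

    @property
    def risk(self) -> int:
        return self.likelihood * self.consequence

    @property
    def ranking(self) -> str:
        if self.risk >= HIGH:
            return "high"
        return "medium" if self.risk >= MEDIUM else "low"


def worksheet(subsystems, guidewords=GUIDEWORDS):
    """Every (subsystem, guideword) pair the workshop must walk through."""
    return list(product(subsystems, guidewords))


def unassessed(subsystems, findings, guidewords=GUIDEWORDS):
    """Pairs with no recorded finding, i.e. gaps in workshop coverage."""
    covered = {(f.subsystem.name, f.guideword) for f in findings}
    return [(s.name, g) for s, g in worksheet(subsystems, guidewords)
            if (s.name, g) not in covered]


def prioritised(findings):
    """Highest risk first; among equal risk, SIS-related subsystems first."""
    return sorted(findings, key=lambda f: (-f.risk, not f.subsystem.sis_related,
                                           f.subsystem.name))


def action_register(findings, threshold=MEDIUM, prefix="CSRA"):
    """Follow-up actions with traceable ids, ready to merge with PHA actions."""
    selected = [f for f in prioritised(findings) if f.risk >= threshold]
    return [{"id": f"{prefix}-{n:03d}", "source": prefix,
             "subsystem": f.subsystem.name, "zone": f.subsystem.zone,
             "guideword": f.guideword, "risk": f.risk, "ranking": f.ranking,
             "existing_safeguards": list(f.safeguards)}
            for n, f in enumerate(selected, start=1)]


# Constructed sample system: three subsystems and four workshop findings.
SIS = Subsystem("SIS logic solver", "safety", True)
EWS = Subsystem("Engineering workstation", "control", True)
HIST = Subsystem("Process historian", "DMZ", False)
SUBSYSTEMS = (SIS, EWS, HIST)

FINDINGS = [
    Finding(EWS, "malicious software",
            "removable media used on the workstation that programs the SIS",
            likelihood=4, consequence=4, safeguards=["media scanning kiosk"]),
    Finding(SIS, "manipulation of SIS components",
            "logic download accepted while the solver is left in program mode",
            likelihood=2, consequence=5, safeguards=["key-switch procedure"]),
    Finding(SIS, "obsolescence",
            "controller firmware past vendor support, no security fixes",
            likelihood=3, consequence=3),
    Finding(HIST, "unauthorized access",
            "vendor default account still enabled on the historian web interface",
            likelihood=3, consequence=2, safeguards=["DMZ firewall"]),
]

if __name__ == "__main__":
    for f in prioritised(FINDINGS):
        print(f"{f.risk:2d} {f.ranking:6s} {f.subsystem.name}: {f.threat}")
    print(f"{len(unassessed(SUBSYSTEMS, FINDINGS))} subsystem/guideword pairs unassessed")
    for a in action_register(FINDINGS):
        print(a["id"], a["ranking"], a["subsystem"], a["guideword"])
```

The `unassessed` list is the part that matters most in practice: a workshop that records only the threats it happened to think of leaves no evidence that the remaining guideword/subsystem combinations were considered and dismissed, so each pair should end up with either a finding or an explicit "not credible" record. The `source` and `id` fields on each action are what allow the register to be merged with PHA follow-ups without losing where an action came from.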
Multidisciplinary Collaboration: A Key to Success
Traditional process hazard analysis (PHA) methods often overlook cybersecurity threats during both the design and operational phases of a system. Similarly, ICS/OT designers and integrators may have a limited understanding of the role safety systems play in preventing major accidents. This is where the multidisciplinary nature of the cybersecurity risk assessment becomes invaluable.
A holistic cybersecurity risk management strategy requires collaboration across multiple disciplines and stakeholders, including IT, automation system suppliers, engineering discipline experts (such as instrumentation and process engineers), operations and maintenance teams, and process safety specialists. Multidisciplinary cybersecurity workshops ensure that diverse perspectives are considered, providing comprehensive coverage of potential risks.
Outcomes of a Well-Conducted Cybersecurity Risk Assessment
A well-executed cybersecurity risk assessment yields actionable insights that enhance the robustness of security safeguards and barriers. These actions ensure that identified vulnerabilities are addressed, whether they involve technical, organizational, or human factors.
Moreover, adopting a holistic approach means integrating follow-up actions from process safety, process hazard analysis, and cybersecurity risk management into a unified framework. This ensures that all identified risks—whether related to safety or cybersecurity—are transparently managed in a traceable and coordinated manner. Such an integrated approach is critical for maintaining the overall resilience and safety of ICS/OT environments.