Topic: Intrinsic Safety

• › Articles (102)
• › White Papers (28)
• › News (43)
• › Products (18)

Liar, Liar, Pants on Fire?
Our Very Own Ask the Experts Moderator Bela Liptak Learns a Lesson From One of Our Readers. Liptak Admits That Even Knowledgable People Can Be Wrong

Safety First?
The Wind Power Industry Is Experiencing a Learning Curve in Safety and Accident Prevention

Cybersecurity: Your Government Is Here to Help
From Training to Emergency Response, the U.S. Department of Homeland Security Stands at the Ready

Safety Has Different Tactics, But Identical Goals
Leaders from L'Oreal, PepsiCo and General Motors Share Safety Best Practices

More Articles »

White Papers: In Depth Research

De-mystifying GHG Monitoring and Reporting - Achieve Benefits from Compliance
Author: ISA, Patrick Truesdale, Senior Consultant, Emerson Process Management
Posted: 05/20/2011
Download this presentation to see a series of highlights from the Greenhouse Gas Mandatory Reporting Rule (GHG MRR). Learn about the general provisions, stationary combustion units, several industry specific requirements, what a green facilities of the future looks ike, what automation impact this facility will have and what the wnergy and carbon management impact would be.

Cybersecurity Through Real-Time Distributed Control Systems
Author: Oak Ridge National Laboratory
Posted: 01/10/2011
Critical infrastructure sites and facilities are becoming increasingly dependent on interconnected physical and cyber-based real-time distributed control systems (RTDCSs). A mounting cybersecurity threat results from the nature of these ubiquitous and sometimes unrestrained communications interconnections. Much work is under way in numerous organizations to characterize the cyber threat, determine means to minimize risk, and develop mitigation strategies to address potential consequences. While it seems natural that a simple application of cyber-protection methods derived from corporate business information technology (IT) domain would lead to an acceptable solution, the reality is that the characteristics of RTDCSs make many of those methods inadequate and unsatisfactory or even harmful. A solution lies in developing a defense-in-depth approach that ranges from protection at communications interconnect levels ultimately to the control system's functional characteristics that are designed to maintain control in the face of malicious intrusion. This paper summarizes the nature of RTDCSs from a cybersecurity perspective and discusses issues, vulnerabilities, candidate mitigation approaches, and metrics.

Using Tofino to Control the Spread of Stuxnet Malware
Author: Tofino
Posted: 11/30/2010

This application note describes how to use the Tofino Industrial Security Solution to prevent the spread of the Stuxnet worm in both Siemens and non-Siemens network environments.

What is Stuxnet?
Stuxnet is a computer worm designed to target one or more industrial systems that use Siemens PLCs. The objective of this malware appears to be to destroy specific industrial processes.

Stuxnet will infect Windows-based computers on any control or SCADA system, regardless of whether or not it is a Siemens system. The worm only attempts to make modifications to controllers that are model S7-300 or S7-400 PLCs. However, it is aggressive on all networks and can negatively affect any control system. Infected computers may also be used as a launch point for future attacks.

How Stuxnet Spreads
Stuxnet is one of the most complex and carefully engineered worms ever seen. It takes advantage of at least four previously unknown vulnerabilities, has multiple propagation processes and shows considerable sophistication in its exploitation of Siemens control systems.

A key challenge in preventing Stuxnet infections is the large variety of techniques it uses for infecting other computers. It has three primary pathways for spreading to new victims:
- via infected removable USB drives;
- via Local Area Network communications
- via infected Siemens project files

Within these pathways, it takes advantage of seven independent mechanisms to spread to other computers.

Stuxnet also has a P2P (peer-to-peer) networking system that automatically updates all installations of the Stuxnet worm in the wild, even if they cannot connect back to the Internet. Finally, it has an Internet-based command and control mechanism that is currently disabled, but could be reactivated in the future.

Product Safety Case Study Compliance Testing and Certification
Author: Moore Industries
Posted: 06/01/2010
Moore Industries believes it is of vital importance to have third-party SIS evaluation for plant safety provided by a company with global coverage and reputation. Earlier designs for process control and safety systems typically used "good engineering practices and experience" as their guidelines. As safety awareness evolved new standards started to evolve. International standards such as IEC 61508/61511 and U.S. born standards like ANSI/ISA84 require the use of more sophisticated guidelines for implementing safety. Unfortunately for manufacturers, compliance with IEC 61508 standards requires enormous documentation. In addition, more complex products require a greater depth of analysis. Software-based products such as those from Moore Industries are complex with their inherent programmable and flexible features unlike previous generation single function analog circuits.

More White Papers »