Regulatory modifications in 2010 have raised important issues in design and use of industrial safety systems. Certain changes in IEC 61508, now being widely implemented, mean that designers and users who desire full compliance must give new consideration to topics such as SIL levels and the transition from 1H to 2H methodologies. 09/16/2014
When a storage facility's tank level rises above safe limits, a logic solver that is part of a Safety Instrumented System (SIS) initiates final elements to restore the process to a safe state. This can include shutting off input feeds to the tank by isolating the pump and closing the input valve. This white paper explores the possibilities available to SIS designers of tank overfill protection systems when using a logic solver. It includes examples of system topographies and their associated Safety Integrity Level (SIL) calculations. 12/05/2013
The approach that both government and business have taken to ICS cybersecurity of critical infrastructure assets over the last 10 years is systemically flawed and doomed to failure. 03/04/2013
This Control Essentials Guide is the first in a continuing series of interactive PDFs by the editors of Control. Essentials of Safety Instrumented Systems is designed to provide process industry professionals with an up-to-date, top-level understanding of the most important SIS issues. From fundamental concepts and terminology to the ongoing debate over integrated vs. stand-alone safety systems, get up to speed quickly on the key technology and marketplace drivers. 01/28/2013
Preventing the next Stuxnet-like attack on the control world might be impossible, but operators can mitigate the effects and contain worms and viruses through early detection. 01/07/2013
Industrial control networks are highly vulnerable to intelligent remote attacks, as well as non-intelligent viruses. With threats to these networks increasing in complexity and scope, decision makers need to take action before it's too late. 01/04/2013
This White Paper explains:
- What the 3S CoDeSys vulnerabilities are and what an attacker can do with them
- How to find out what control/SCADA devices are affected
- The risks and potential consequences to SCADA and control systems
- The compensating controls that will help block known attack vectors
A number of security vulnerabilities in the CoDeSys Control Runtime System were disclosed in January 2012. In October 2012, fully functional attack tools were also released to the general public.
While CoDeSys is not widely known in the SCADA and ICS field, its product is embedded in many popular PLCs and industrial controllers. Many vendors are potentially vulnerable, including those whose devices are used in all sectors of manufacturing and infrastructure. As a result, there is a risk that criminals or political groups may attempt to exploit them for either financial or ideological gain.
This White Paper summarizes the currently known facts about these vulnerabilities and associated attack tools. It also provides guidance regarding a number of mitigations and compensating controls that operators of SCADA and ICS systems can take to protect critical operations. 12/26/2012
Flameproof enclosure (Ex d) and intrinsic safety (Ex i) are very common equipment protection methods in Process Automation. One reason to use Ex d is that Ex i could not provide the required amount of energy. This disadvantage has disappeared with the introduction of intrinsically safe, dynamic methods of arc prevention such as DART or Power-i. This white paper shows that when using intrinsic safety, installation, maintenance and inspection costs will be reduced.
This paper addresses decision makers and professionals responsible for automation systems in hazardous areas. A good understanding of the principles of explosion protection is required. 07/10/2012
Download this presentation to see a series of highlights from the Greenhouse Gas Mandatory Reporting Rule (GHG MRR). 05/20/2011
Critical infrastructure sites and facilities are becoming increasingly dependent on interconnected physical and cyber-based real-time distributed control systems (RTDCSs). A mounting cybersecurity threat results from the nature of these ubiquitous and sometimes unrestrained communications interconnections. 01/10/2011
This application note describes how to use the Tofino Industrial Security Solution to prevent the spread of the Stuxnet worm in both Siemens and non-Siemens network environments.
What is Stuxnet?
Stuxnet is a computer worm designed to target one or more industrial systems that use Siemens PLCs. The objective of this malware appears to be to destroy specific industrial processes.
Stuxnet will infect Windows-based computers on any control or SCADA system, regardless of whether or not it is a Siemens system. The worm only attempts to make modifications to controllers that are model S7-300 or S7-400 PLCs. However, it is aggressive on all networks and can negatively affect any control system. Infected computers may also be used as a launch point for future attacks.
How Stuxnet Spreads
Stuxnet is one of the most complex and carefully engineered worms ever seen. It takes advantage of at least four previously unknown vulnerabilities, has multiple propagation processes and shows considerable sophistication in its exploitation of Siemens control systems.
A key challenge in preventing Stuxnet infections is the large variety of techniques it uses for infecting other computers. It has three primary pathways for spreading to new victims:
- via infected removable USB drives;
- via Local Area Network communications;
- via infected Siemens project files.
Within these pathways, it takes advantage of seven independent mechanisms to spread to other computers.
Stuxnet also has a P2P (peer-to-peer) networking system that automatically updates all installations of the Stuxnet worm in the wild, even if they cannot connect back to the Internet. Finally, it has an Internet-based command and control mechanism that is currently disabled, but could be reactivated in the future. 11/30/2010
Moore Industries believes it is of vital importance to have third-party SIS evaluation for plant safety provided by a company with global coverage and reputation. 06/02/2010
The date of January 1, 2005 sits vividly in the minds of manufacturers within the industrial control panel field. That is the day when the National Fire Protection Association's (NFPA) National Electrical Code (NEC) 2005 Article 409 officially went into effect. The code required that short circuit current rating be clearly marked on the industrial control panels in order to be inspected and approved. The markings made it easier to verify proper over-current protection against hazards such as fires and shocks on components or equipment, whether it be for initial installation or relocation. It was the beginning of an era when things would become a little more complicated, but for all the right reasons of ensuring more safety within the industrial world.
The main vision of the NFPA is to reduce or limit the burden of fire and other hazards on the quality of life by providing and advocating scientifically based consensus codes and standards, research, training and education. These codes and standards were established to minimize the possibility of and effects of fire and other risks. Due to misinterpretations, inconsistencies and advancements in technology over the years, they have had to update their codes with consistency in order to comply with existing standards.
Therefore, this paper will look at the changes that occurred due to Article 409, the impacts that it had, who was affected by the code and how to comply with the code. Precautions like this article had been enforced in the past, but they were too vague, so people found ways to get around them.
The biggest change that took place within the article was the new requirements adopted for industrial machinery electrical panels, industrial control panels, some HVAC equipment, meter disconnect switches and various motor controllers. For the purpose of this paper, we will be concentrating on industrial control panels, which are specified as assemblies rated for 600V or less and intended for general use. All in all, it states that the above products must feature a safe design and be clearly marked with specific information concerning Short Circuit Current Rating (SCCR) to aid in the design, building, installation and inspection of the control panels. This way, the above users can both reference and apply all the needed requirements for all new products and installations as well as for modifying existing ones. 05/17/2010
As production runs ever closer to equipment and facility operating limits and new plants come on line in expanding and developing economies, the pressure to design and operate systems more safely and economically is increasing. A key to meeting this goal is having competent people who are knowledgeable and experienced in applying the IEC 61508 and IEC 61511 / ISA 84 functional safety standards. To develop and measure an individual's safety engineering competence, several personnel functional safety certification programs have been created. This paper will discuss why these programs are needed and the benefits they deliver to individuals and companies alike. It will also review the characteristics and differences of the various certification programs on the market today, things to watch out for, and some important questions to ask when selecting a certification program. 03/05/2010
Moore Industries believes it is of vital importance to have third-party SIS evaluation for plant safety provided by a company with global coverage and reputation. Earlier designs for process control and safety systems typically used "good engineering practices and experience" as their guidelines. As safety awareness evolved, new standards started to evolve. International standards such as IEC 61508/61511 and U.S.-born standards like ANSI/ISA84 require the use of more sophisticated guidelines for implementing safety. Unfortunately for manufacturers, compliance with IEC 61508 standards requires enormous documentation. In addition, more complex products require a greater depth of analysis. Software-based products such as those from Moore Industries are complex, with their inherent programmable and flexible features, unlike previous generation single function analog circuits.
Some companies are actively attempting to bypass the vital third party certification by proclaiming self certification to IEC 61508. This is not in the best interest of end users or the safety industry in general. Self certification is analogous to someone proclaiming compliance with a hazardous area approval (such as Intrinsically-Safe) without third party testing.
Moore Industries has been working for many years with customers who require products for safety systems, including those compliant with worldwide safety standards such as ANSI/ISA 84 and IEC 61508/61511. To assist customers in determining if their instruments are appropriate for specific safety systems, Moore Industries has been providing Failure Modes, Effects and Diagnostic Analysis (FMEDA) reports for key products, and has been involved in the evolution of the IEC 61508 standard. As this standard has become more widely recognized and adopted by worldwide customers, it was clear that end users were looking for products which had been designed to IEC 61508 from their initial concept. Customers are demanding not only compliance to the standards but verification from an independent third party agency such as TUV Rheinland. 03/03/2010
Enterprises with industrial operations typically utilize at least two types of computer networks: Information Technology (IT) - a network that supports enterprise information system functions like finance, HR, order entry, planning, email and document creation; and Operational Technology (OT) - a network that controls operations in real-time. This second type of network supports real-time or control system products, generally referred to as Supervisory Control and Data Acquisition (SCADA) systems, Distributed Control Systems (DCS), Energy Management Systems (EMS) or Manufacturing Execution Systems (MES), depending on the industry.
There has been much discussion and debate around the convergence between Information Technology (IT) and Operational Technology (OT). In an effort to provide better visibility and information flow between revenue generating OT assets and enterprise applications, these systems have often been interconnected, in many cases without properly securing the control systems from cyber attack first. If the IT and OT networks are interconnected, yet not properly secured, a breach to one network can easily traverse to the other, leaving the entire computing infrastructure at risk.
At first glance, interconnected IT and OT networks appear to share similar technologies and so a common approach to cyber-security might be indicated. However, upon deeper inspection, many important differences in IT and OT networks will be revealed. The unique characteristics of OT systems and networks preclude many traditional IT enterprise security products from operating safely without impairing operations, and, when introduced, these products can cause significant disruption and downtime to these real-time, revenue generating assets.
This paper is intended to educate IT professionals on the unique requirements of operational technology and what is required to properly secure these networks from cyber attack, so that organizations can assure security, reliability and safety of information and revenue generating assets. 02/26/2010
Whitelisting is described by its advocates as "the next great thing" that will displace anti-virus technologies as the host intrusion prevention technology of choice. Anti-virus has a checkered history in operations networks and control systems; many people have horror stories of how they installed anti-virus and so impaired their test system that they simply couldn't trust deploying it in production.
While anti-virus systems detect "bad" files that match signatures of known malware, whitelisting technologies identify "good" executables on a host and refuse to execute unauthorized or modified executables, presumably because such executables may contain malware. This is a least privilege approach of denying everything that is not specifically approved.
In this paper the Industrial Defender team performs an independent analysis of a variety of whitelisting solutions for their applicability to control systems. The paper closes with some recommendations related to this technology and areas for further research. 02/26/2010
The need: Lower life cycle costs and better information flow. The solution: New standards offer more choices for integrating safety and process control
The specialty chemical industry is facing a number of difficult challenges, including increasingly stringent safety and compliance mandates, higher energy and feedstock prices, and aging plants and equipment, all intensified by global competition. Compounding these challenges is the expanding breadth of specialty chemical product categories, forcing manufacturers to dedicate major resources and continuously innovate to maintain market share and capitalize on new opportunities.
Despite the size of the industry and the increase in worldwide demand for all types of specialty chemicals, margins must be managed closely due to rising costs, more demanding customers, and the fact that all products, no matter how innovative, eventually go off-patent and face stiff competition. While operating a chemical plant is tough business, opportunities exist for companies to optimize their investments and improve both productivity and their financial performance.
Risks prevail wherever people store, process or handle hazardous or toxic materials. In the specialty chemical industry, these risks are compounded because the hazard has the potential to impact a number of people. A spill of a toxic agent or explosion could be hazardous to a population within a plant or the surrounding area. One growing area of focus in recent years is the critical value of safety in protecting people, and helping safeguard the environment and plant assets, as well as reducing lifecycle costs.
This paper explores how changes in industry standards and technology developments are expanding how safety systems are applied in specialty chemical applications. It also examines the operational and competitive advantages driving the trend toward separate yet interoperable safety and process control platforms with common development tools. These benefits include reduced life cycle costs, expanded access to process data and improved plant-wide integration. 04/17/2009
The increased use of plant floor automation to achieve production goals has created a dependency on PLCs, PC control systems and programmable automation. These devices and their logic programs are costly to develop but vital to the running of the plant, and are viewed by most companies as corporate assets. It is incumbent on plant and corporate management to ensure that proper safeguards are in place to protect and manage change in these assets. This paper examines the sources and types of changes that take place in plant automation environments, and the considerations and approaches necessary to safeguard your automation systems through the effective use of a Change Management System (CMS). 01/15/2009
Security Pacesetters: What Are They Doing? 05/08/2008