No standard adequately addresses instrument failure modes for security and safety

Sept. 5, 2017

The Namur NE43 standard gives guidance on how a sensor fault can be indicated to a control system by means of the 4-20mA signal. However, it doesn’t address cyber security considerations.

Recently, the Automation & Control Engineering Linkedin site asked the following question: Instrument Failure Mode- Fail High or Fail Low- Which Standard Covers This? Namur NE43 provides guidance on how a sensor fault can be indicated to a control system by means of the 4-20mA signal. Namur 43 defines a sensor fault when the current is below 3,6 mA or above 21 mA. According to Namur 43, process control systems such as PLCs or DCSs can identify faulty sensors, and production can be adjusted or stopped to avoid production loss or off-spec product. However, Namur 43 does not identify a sensor to be faulted if it is still in the 4-20maA range even if the sensor is no longer working. There have been several cases where 4-20 mA sensors have failed within the 4-20 mA range but were not identified as failures. Additionally, there have been cases when the sensors haven’t failed yet logic set them to failed conditions. The Bellingham, WA Olympic Pipeline rupture identified in http://www.controlglobal.com/blogs/unfettered/insecure-process-sensors-can-create-safety-security-and-resilience-vulnerabilities/ demonstrates how setting sensor values to a fixed "failed" condition can lead to Loss of Safety. Because there is a lack of authentication and cyber security in the process sensors and sensor protocols such as HART, Wireless HART, Profibus, and Fieldbus are cyber vulnerable, the existing approach set forth in Namur 43 may not be safe. As I am not aware of any cyber security or safety standard that addresses the impact of process sensor (4-20mA analog or digital) cyber security and safety, sensors will be a significant point of discussion at the October 23-26 ICS Cyber Security Conference in Atlanta.

Joe Weiss

Sponsored Recommendations

Make Effortless HMI and PLC Modifications from Anywhere

The tiny EZminiWiFi is a godsend for the plant maintenance engineers who need to make a minor modification to the HMI program or, for that matter, the PLC program. It's very easy...

The Benefits of Using American-Made Automation Products

Discover the benefits of American-made automation products, including stable pricing, faster delivery, and innovative features tailored to real-world applications. With superior...

50 Years of Automation Innovation and What to Expect Next

Over the past 50 years, the automation technology landscape has changed dramatically, but many of the underlying industry needs remain unchanged. To learn more about what’s changed...

Manufacturing Marvels Highlights Why EZAutomation Is a Force to Be Reckoned With

Watch EZAutomation's recent feature on the popular FOX Network series "Manufacturing Marvels" and discover what makes them a force to be reckoned with in industrial automation...