My Account Log in

1 option

Security PHA review for consequence-based cybersecurity / Edward M. Marszal, James McGlone.

Knovel General Engineering & Project Administration Academic Available online

View online
Format:
Book
Author/Creator:
Marszal, Edward M., author.
McGlone, James, author.
Language:
English
Subjects (All):
Computer security.
Physical Description:
1 online resource (165 pages)
Place of Publication:
Research Triangle Park, North Carolina : ISA, [2019]
System Details:
Mode of access: World Wide Web.
Summary:
By focusing on hazard and operability studies (HAZOPs) designated scenarios, it is possible to identify hackable scenarios, rank them appropriately, and design non-hackable safeguards—such as relief valves and current overload relays—that are not vulnerable to the cybersecurity threat vector. Where inherently secure safeguard design is not feasible, the appropriate cybersecurity countermeasures must be deployed. The first step in this decision-making process is the application of a methodology for assessing the potential risks posed by a cyberattack on these process plants. In the process industries, the most widely accepted process for identifying hazards and assessing risk is the process hazard analysis (PHA) method, most commonly performed through a HAZOP. This book reviews the most common methods for PHA of process industry plants and then explains how to supplement those methods with an additional security PHA review (SPR) study to determine if there are any cyberattack vectors that can cause significant physical damage to the facility. If these attack vectors are present, then the study methodology makes one of two recommendations: (1) modify one or more of the safeguards so that they are not vulnerable to cyberattack or (2) prescribe the appropriate degree of cyberattack safeguarding through the assignment of an appropriate security level. SPR examples provide insight for implementing these recommendations.
Contents:
Security PHA review for consequence-based cybersecurity
Contents
Foreword
Preface
About the Authors
1. Introduction
2. Overview of the ISA/IEC 62443 Series
3. Limitations of Cybersecurity Risk Analysis Methods
4. Process Hazard Analysis Overview
5. The SPR Study Process
6. Non-Hackable Safeguards
7. Security PHA Review Examples
8. Conclusions
Appendix A: Acronyms
Appendix B: Definitions
Appendix C: Sample Risk Tolerance Criteria
Appendix D: ISA/IEC 62443 Security Levels
Appendix E: Exercise Solutions
Index.
Notes:
Includes index.
Includes bibliographical references and index.
Description based on print version record.
ISBN:
1-394-44244-0
1-64331-119-0
1-64331-081-X
1-64331-002-X

The Penn Libraries is committed to describing library materials using current, accurate, and responsible language. If you discover outdated or inaccurate language, please fill out this feedback form to report it and suggest alternative language.

Find

Home Release notes

My Account

Shelf Request an item Bookmarks Fines and fees Settings

Guides

Using the Find catalog Using Articles+ Using your account