On safety issue of industrial control systems
Journal: Scientific and Technical Journal of Information Technologies, Mechanics and Optics (Vol.21, No. 1)Publication Date: 2021-25-02
Authors : Ilya I. Livshitz;
Page : 1-14
Keywords : safety; functional security; IT-security; standard; audit; risk management; protective actions; conformance evaluation;
Abstract
There are several various methodological approaches well known for the current level safety ensuring of industrial control systems. Two worlds apart methodological approaches have been considered fundamentally over the past few years: the proposal to implement additional information security countermeasures without changing the basic IT-infrastructure, and creation of a new total isolation concept (for example, the Zero Trust Architecture). These methodological approaches do not lead to stability and security of industrial control systems as noted by the world centers of competence in Russia (Group-IB, Positive Technology) and in the world (IBM, MS, Cisco, CheckPoint). Reports ofnew and new critical vulnerabilities never stop, including a significant number in relation to industrial control systems. The problem of safety ensuring dates from the XX century, has passed several stages of maturity, and, presently, the approach “from functionality” is the most obvious. In general, this approach consists in the fact that the formation and solution of a problem begins when the manufacturer creates a solution based on a specification consisting of functional safety requirements. Then the safety assessment based on trust requirements is carried out. For the overall process of the safety ensuring of industrial control systems, unfortunately, it is typical, that, so far, the industry has not yet developed a holistic culture of consumption of secure IT-components with security evidence that can be traced to the required level. Only a few suppliers in the world and in Russia are ready to offer components that have a proven level of Safety Integrity Level in accordance with the requirements of IEC 61508 and/or 61511 series. The present publication considers the issue of the safety ensuring of industrial control systems in such technical aspects as: the required resources, the specified speed, the management quality, the validation methods, estimation of residual risks and other computable estimates. A brief overview of existing approaches is presented and some possible solutions for the defined problem are given.
Other Latest Articles
- Preparing Students for Success in a Changing World: The Role of Virtual Whiteboards in the Modern Classroom
- Entry Grades and the Academic Performance of University Students: A Review of Literature
- Mentoring: The Way to Academic Excellence
- TYPES OF ORGANIZATIONAL MANAGEMENTS
- Enhancing Oral English Communication Ability of Thai EFL Undergraduates via Interactive Reading Comprehension Teaching (IRCT)
Last modified: 2021-03-05 01:00:53