Abstract
The object of this study is a programmable logic controller (safety PLC), which is part of an information and control system designed for safe management of important technological processes. The subject of this study is the substantiation of the legality of reusing the results obtained during the development of the safety PLC in accordance with the requirements of functional safety to assess the level of its cyber security. The purpose of this work is to investigate the possibility of "cross" evaluation of the safety characteristics of the safety PLC, namely, the possibility of evaluating the level of cyber security of the programmable logic controller based on known data regarding its level of functional safety, in order to optimize the use of available resources in the project. The study tasks are following: to provide a theoretical basis for the relationship between safety PLC characteristics such as functional safety and cybersecurity. Determine the metrics by which it will be possible to assess the degree of reuse of existing results. Perform an analysis of potential cyberattacks depending on the architecture of the information and control system, which performs security functions, as well as on the possible modes of its use. Determine and evaluate the degree of "cross" influence of critical characteristics of the research object. To perform a calculation analysis of the potential financial and time gain from the reuse of already known results for the minimum configuration of the safety PLC. Conclusions. The study demonstrated the relevance of the question of assessing the cybersecurity of a programmable logic controller based on the use of existing data, regarding its level of functional security (SIL). The proposed approach provides opportunities to significantly optimize the use of resources in safety PLC certification projects. However, the main methodological conclusion is that the well-known principle of Security Informed Safety can be developed and used in practice in the opposite direction, as Security supported/assessed by Safety. That is, to the principle of "assessment of functional safety taking into account/on information (cyber) security" the principle of "assessment of information (cyber) security with the support of/taking into account the results of the assessment of functional security" is added.
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Disclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.