A framework of security and safety checking for internet-based control systems

Abstract

Internet-based control is a way of using the internet as a platform for remote monitoring and control operation. The obvious benefit is to enable remote monitoring and maintenance of process plants and to initiate global collaboration and data sharing between operators from geographically dispersed locations. However, connection to an open network and the use of universal technology present high safety and security risks to the new generations of control systems. Are we opening up our internet-enabled control systems for trouble since a number of malicious hackers continually attack web servers on the internet? The new type of control systems will never be accepted by industries if people do not have enough confidence in their safety and do not feel secure by using the system. This paper presents a framework of security and safety checking, used in the design of internet-based control systems. Based on the existing measures of physical and network securities, such as firewall and comprehensive user-authorised access control, the framework proposed in this paper focuses on the security of control commands transferred over the internet, responding actions to malicious attacks and system safety. An internet-based control system for a process rig is used as a case study to illustrate the implementation of the framework.