Requirements for IT/OT Cooperation in Safe and Secure IACS

Abstract

Recently, cyber security of safety instruments systems (SIS) is become important issues. SIS has a critical roles to protect industrial plants and industrial automation control systems (IACS). If security threats make the safety functions disabled and degraded, serious or fatal accidents would occur in the plant. Even without an accident, the threats could down its operation of manufacturing or degrade social infrastructure services. SIS which is a part of IACS shall perform two functions, functional safety and cyber security. To achieve both functions in IACS has been a difficult problem because each has been based on independent technologies and standards. IEC TR 63069: 2019 had been developed to report a technical study on the compatibility between them, and described the terms, concepts and development. However, IT/OT (Information Technology and Operational Technology) cooperation was not yet sufficiently discussed because of the lack of experiments. For example, modifications, impact analysis, patch managements, incident response and plan to recover. This paper considers the cooperation functions of IACS during incident response against cyber attack, and especially proposes IT/OT operational functions of IACS engineering tool.