Applications & Practice 06/06/2017

Functional Safety in Times of Growing Cybercrime

Why functional safety and cyber security are inseparably linked in modern industrial environments.

To understand the interaction between functional safety and cyber security, it is useful to first clarify some basic terms. In general, safety is defined as the absence of danger. In complex systems, however, it is rarely possible to eliminate all risks entirely. In industry, safety is therefore understood as freedom from unacceptable risks.

Reducing risks to an acceptable level is the task of functional safety. This means that the safety of an application depends on the correct functioning of a dedicated technical system, such as a safety controller. If this system performs its protective function as intended, the application is considered functionally safe.

Functional safety systems protect people, assets and the environment. They intervene when hazardous situations occur and operators are unable to react or when other protective measures fail. Their purpose is to prevent accidents and costly unplanned shutdowns.

Separated protection layers reduce risk

In the process industry, IEC 61511 clearly defines how risks can be reduced effectively. It requires separate protection layers for control and monitoring, prevention and mitigation, as well as emergency response.

Each layer performs specific tasks in risk reduction. Together, they reduce the hazards arising from the overall production process. The standard also requires independence, diversity and physical separation of these layers.

Safety systems and basic process control systems are only considered independent protection layers if they are based on different platforms, development environments and system philosophies.

Rising risk of cyber attacks

Since the Stuxnet attack in 2010, it has been clear that industrial installations are vulnerable and attractive targets for cyber attacks. Increasing digitalisation over the past five to ten years has further intensified this risk.

Cyber attacks no longer threaten only information security, but increasingly also plant safety itself. Operators must therefore actively address these risks.

Standards define the framework

IEC 61508 forms the base standard for functional safety systems. It is complemented by IEC 61511 for the process industry and the IEC 62443 series for cyber security of industrial networks and systems.

IEC 62443 requires, among other things, separate zones for enterprise networks, control systems, safety systems and field networks, each protected by firewalls.
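The zone-and-conduit requirement above can be checked mechanically against observed traffic. The following added example (not from the article or any vendor product) models four zones with a hypothetical address plan and a table of permitted firewall conduits, then flags any cross-zone flow that no conduit allows, such as a connection from the enterprise zone straight into the safety zone:

```python
"""Zone model check for the IEC 62443 segmentation described above (added
example; address plan, conduits and flow records are all constructed)."""
from dataclasses import dataclass
from ipaddress import ip_address, ip_network

ZONES = {  # hypothetical address plan per zone
    "enterprise": ip_network("10.0.0.0/16"),
    "control": ip_network("10.1.0.0/16"),
    "safety": ip_network("10.2.0.0/16"),
    "field": ip_network("10.3.0.0/16"),
}

# Permitted conduits as (source zone, destination zone, destination port);
# each crosses one firewall and none leads from enterprise into safety.
CONDUITS = {
    ("enterprise", "control", 443),  # HMI / historian web access
    ("control", "field", 502),       # Modbus/TCP to field devices
    ("control", "safety", 4840),     # OPC UA from the safety system
}

@dataclass(frozen=True)
class Flow:
    src: str
    dst: str
    dport: int

def zone_of(addr):
    ip = ip_address(addr)  # zone name, or None if outside the plan
    return next((n for n, net in ZONES.items() if ip in net), None)

def classify(flow):
    """Return 'intra-zone', 'permitted' or 'violation' for one flow."""
    s, d = zone_of(flow.src), zone_of(flow.dst)
    if s is None or d is None:
        return "violation"  # unknown address space touching a zone
    if s == d:
        return "intra-zone"
    return "permitted" if (s, d, flow.dport) in CONDUITS else "violation"

def violations(flows):
    """Flows that cross a zone boundary without a permitted conduit."""
    return [f for f in flows if classify(f) == "violation"]

# Constructed flow records: a permitted conduit, an intra-zone flow, and a
# direct enterprise-to-safety connection that bypasses the control layer.
SAMPLE_FLOWS = [
    Flow("10.0.5.20", "10.1.0.10", 443),
    Flow("10.2.0.3", "10.2.0.4", 4840),
    Flow("10.0.5.20", "10.2.0.3", 4840),
]
```

Running `violations(SAMPLE_FLOWS)` returns only the third record; in practice the flow list would come from firewall or flow-export logs, and every reported violation is either a missing conduit entry or a segmentation breach to investigate.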

Cyber security by design

Effective cyber security cannot be added retrospectively. Functional safety solutions must be designed from the outset with cyber security in mind, at both firmware and application level.

No functional safety without cyber security

The strict separation of safety systems (SIS) and basic process control systems (BPCS) is not only a normative requirement, but also makes practical and economic sense. Their life cycles and rates of change differ significantly.

Independent systems that are physically separated yet openly integrable provide the highest level of safety, availability and operational reliability.

Written by:
Daniel Studhalter