Format: PDF, Pages: 118, Size: 3.31 MB

ISA TR84 00 09-2017 Cybersecurity Related to the Functional Safety Lifecycle.pdf

NOTICE OF COPYRIGHT

This is a copyright document and may not be copied or distributed in any form or manner without the permission of ISA. This copy of the document was made for the sole use of the person to whom ISA provided it and is subject to the restrictions stated in ISA's license to that person. It may not be provided to any other person in print, electronic, or any other form. Violations of ISA's copyright will be prosecuted to the fullest extent of the law and may result in substantial civil and criminal penalties.

TECHNICAL REPORT ISA-TR84.00.09-2017

Cybersecurity Related to the Functional Safety Lifecycle

Approved 10 April 2017

ISA-TR84.00.09-2017, Cybersecurity Related to the Functional Safety Lifecycle
ISBN: 978-1-945541-49-0
Copyright 2017 by ISA. All rights reserved. Not for resale. Printed in the United States of America.

ISA
67 Alexander Drive
P. O. Box 12277
Research Triangle Park, NC 27709 USA

- 3 - ISA-TR84.00.09-2017

PREFACE

This preface, as well as all footnotes and annexes, is included for information purposes and is not part of ISA-TR84.00.09-2017. This document has been prepared as part of the service of ISA, the International Society of Automation, toward a
goal of uniformity in the field of instrumentation. To be of real value, this document should not be static but should be subject to periodic review. Toward this end, the Society welcomes all comments and criticisms and asks that they be addressed to the Secretary, Standards and Practices Board; ISA; 67 Alexander Drive; P. O. Box 12277; Research Triangle Park, NC 27709; Telephone (919) 549-8411; Fax (919) 549-8288; E-mail: standards@isa.org.

It is the policy of ISA to encourage and welcome the participation of all concerned individuals and interests in the development of ISA standards, recommended practices and technical reports. Participation in the ISA standards-making process by an individual in no way constitutes endorsement by the employer of that individual, of ISA or of any of the standards, recommended practices and technical reports that ISA develops.

CAUTION: ISA DOES NOT TAKE
ANY POSITION WITH RESPECT TO THE EXISTENCE OR VALIDITY OF ANY PATENT RIGHTS ASSERTED IN CONNECTION WITH THIS DOCUMENT, AND ISA DISCLAIMS LIABILITY FOR THE INFRINGEMENT OF ANY PATENT RESULTING FROM THE USE OF THIS DOCUMENT. USERS ARE ADVISED THAT DETERMINATION OF THE VALIDITY OF ANY PATENT RIGHTS, AND THE RISK OF INFRINGEMENT OF SUCH RIGHTS, IS ENTIRELY THEIR OWN RESPONSIBILITY.

PURSUANT TO ISA'S PATENT POLICY, ONE OR MORE PATENT HOLDERS OR PATENT APPLICANTS MAY HAVE DISCLOSED PATENTS THAT COULD BE INFRINGED BY USE OF THIS DOCUMENT AND EXECUTED A LETTER OF ASSURANCE COMMITTING TO THE GRANTING OF A LICENSE ON A WORLDWIDE, NONDISCRIMINATORY BASIS, WITH A FAIR AND REASONABLE ROYALTY RATE AND FAIR AND REASONABLE TERMS AND CONDITIONS. FOR MORE INFORMATION ON SUCH DISCLOSURES AND LETTERS OF ASSURANCE, CONTACT ISA OR VISIT WWW.ISA.ORG/STANDARDSPATENTS.

OTHER PATENTS OR PATENT CLAIMS MAY EXIST FOR WHICH A DISCLOSURE OR LETTER OF ASSURANCE HAS NOT BEEN RECEIVED. ISA IS NOT RESPONSIBLE FOR IDENTIFYING PATENTS OR PATENT APPLICATIONS FOR WHICH A LICENSE MAY BE REQUIRED, FOR CONDUCTING INQUIRIES INTO THE LEGAL VALIDITY OR SCOPE OF PATENTS, OR DETERMINING WHETHER ANY LICENSING TERMS OR CONDITIONS PROVIDED IN CONNECTION WITH SUBMISSION OF A LETTER OF ASSURANCE, IF ANY, OR IN ANY LICENSING AGREEMENTS ARE REASONABLE OR NON-DISCRIMINATORY.

ISA REQUESTS THAT ANYONE REVIEWING THIS DOCUMENT WHO IS AWARE OF ANY PATENTS THAT MAY IMPACT IMPLEMENTATION OF THE DOCUMENT NOTIFY THE ISA STANDARDS AND PRACTICES DEPARTMENT OF THE PATENT AND ITS OWNER.

ADDITIONALLY, THE USE OF THIS DOCUMENT MAY INVOLVE HAZARDOUS MATERIALS, OPERATIONS OR PROCESS EQUIPMENT. THE DOCUMENT CANNOT ANTICIPATE ALL POSSIBLE APPLICATIONS OR ADDRESS ALL POSSIBLE SAFETY ISSUES ASSOCIATED WITH USE IN HAZARDOUS CONDITIONS. THE USER OF THIS TECHNICAL REPORT SHOULD EXERCISE SOUND PROFESSIONAL JUDGMENT CONCERNING ITS USE AND APPLICABILITY UNDER THE USER'S PARTICULAR CIRCUMSTANCES. THE USER SHOULD ALSO CONSIDER THE APPLICABILITY OF ANY GOVERNMENTAL REGULATORY LIMITATIONS AND ESTABLISHED SAFETY AND HEALTH PRACTICES BEFORE IMPLEMENTING THIS TECHNICAL REPORT.

ISA (www.isa.org) is a nonprofit professional association that sets the standard for those who apply engineering and technology to improve the management, safety, and cybersecurity of modern automation and control systems used across industry and critical infrastructure. Founded in 1945, ISA develops widely used global standards; certifies industry professionals; provides education and training; publishes books and technical articles; hosts conferences and exhibits; and provides networking and career development programs for its 40,000 members and 400,000 customers around the world.

ISA owns A, a leading online publisher of automation-related content, and is the founding sponsor of The Automation Federation (www.automationfederation.org), an association of non-profit organizations serving as “The Voice of Automation.” Through a wholly owned subsidiary, ISA bridges the gap between standards and their implementation with the ISA Security Compliance Institute (www.isasecure.org) and the ISA Wireless Compliance Institute (www.isa100wci.org).

The following members of ISA84 Working Group 9 served as active contributors in the development
of this technical report revision:

NAME                          AFFILIATION
Harold W Thomas (Hal), Chair  exida
Kevin Arnold                  Phillips 66
David Bennett                 Phillips 66
Rahul Bhojani                 BP
John D. Day                   Air Products and Chemicals
David Deibert                 Air Products and Chemicals
Andrew Feben                  Eigen Ltd
David Gunter                  Air Products and Chemicals
Eric Hopp                     Rockwell Automation
Kevin Klein                   Chevron ETC
Vic Maggioli                  Feltronics Corp
Marcelo Mollicone             SYM PCS
Nagappan Muthiah              Wood Group
Eric Persson                  exida
Jeff Potter                   Emerson
Richard Roberts               Suncor Energy
Eloise Roche                  SIS-TECH Solutions
Byron Schneidau               BP Pipelines

risk may be quantified
- Based on likelihood and severity; risk is currently qualitative
- Risk categorization for every cybersecurity requirement
- Multi-dimensional problem
- Assigned to zone with target SL for each zone/conduit

Risk mitigation measures
- Relies on independent protection layers concept
- Safeguards reduce likelihood of consequence evaluated
- Identifies integrity requirements for safeguards; for SIF assigns target SIL

- Relies on cybersecurity countermeasures within zones, conduits interconnecting zones, and defense in depth concept
- Countermeasures reduce likelihood
- Identifies requirements for countermeasures to meet the zone target SL for each threat vector

Implementation of measures
- Safety manual for components
- Quantitative SIL verification for SIF

- Cybersecurity manual for components
- Verification through different levels of testing for target SL

Operation and maintenance
- Restrict access to IACS components to competent personnel with necessary access privileges
- Periodic testing of measures
- Demand rate and component failures to be monitored
- Awareness and training

- Restrict access to IACS components to competent personnel with necessary access privileges
- Periodic testing of measures
- Frequent reviews to identify new vulnerabilities and take appropriate action, if necessary
- Awareness and training
- Cyber risk reassessment after each software or hardware change

Management system
- Defines requirements for competency, training, verification, testing, audit, MOC, and documentation

- Defines requirements for competency, training, verification, testing, audit, MOC, and documentation

1 Scope

This document is intended to address and provide guidance on integrating the cybersecurity lifecycle with the safety lifecycle as they relate to Safety Controls, Alarms, and Interlocks (SCAI), inclusive of Safety Instrumented Systems (SIS). This scope includes the work processes and countermeasures used to reduce the risk involved due to cybersecurity threats to the Industrial Automation and Control System (IACS) network.

This scope provides recommendations to ensure SCAI are adequately secured due to the potential for cyber attacks that can act like common mode failures that initiate a hazardous demand and also prevent instrumented protection functions, including the SIS, from performing their intended purpose. The scope is intended to address cybersecurity from both external and internal threats. Although not directly within the scope, enterprise networks, business networks and process information networks (demilitarized zones) that represent a threat vector to the SCAI systems, or contain countermeasures that reduce the risk to the SCAI systems from external cyber threats, are included.

The scope does not address physical plant protection (for example, fences, bollards, and grounding) that has the intent of preventing unauthorized entry into the plant so as to prevent theft, vandalism, or physical damage, but does address physical access issues related to cybersecurity of the IACS (12.4 of this technical report). SCAI systems that are constructed exclusively of electrical/electronic components without digital signal technology are not vulnerable to cybersecurity attacks, and these technologies are not discussed in this technical report.

2 References

The following documents are important for understanding this technical report. For dated references, only the edition cited applies. For undated references, the latest edition of the referenced document (including any amendments) applies.

For information on obtaining ISA standards and technical reports, visit: www.isa.org/findstandards

In addition, readers should be aware of the ongoing development of additional standards in the ANSI/ISA-62443 series, Security for Industrial Automation and Control Systems, listed in the Bibliography. For an update on the status of these standards, visit https://www.isa.org/isa99/.

IEC-61508-2010, Functional Safety of Electrical/Electronic/Programmable Electronic Safety-Related Systems

IEC-61511-1, Functional Safety: Safety Instrumented Systems for the Process Industry Sector Part 1: Framework, Definitions, System, Hardware and Software Requirements.

ISA-84.00.01-Part 1 (IEC 61511-1), Functional Safety: Safety Instrumented Systems for the Process Industry Sector Part 1: Framework, Definitions, System, Hardware and Software Requirements.

ANSI/ISA-84.91.01-2012, Identification and Mechanical Integrity of Safety Controls, Alarms, and Interlocks in the Process Industry, 2012.

3 Terms, definitions, abbreviated terms, acronyms, and conventions

3.1 Terms and definitions

Conduit [ANSI/ISA-62443-1-1]
neither should it be assumed that
each type is necessarily separate and independent.

Note 2 to entry: Refer to ISA-84.00.01-2004 (IEC 61511 Mod) for additional requirements related to safety instrumented systems.

Note 3 to entry: Examples of non-instrumented safeguards include rupture disks, relief valves, dikes, etc.

Security level [ANSI/ISA-62443-1-1]
Level corresponding to the required effectiveness of countermeasures and inherent security properties of devices and systems for a zone or conduit based on assessment of risk for the zone or conduit.

Security level 0 [ISA-62443-3-2]
Security level with the following attributes:
- No specific requirements or security protection.

Security level 1
Security level 1 has the following attributes:
- Intended to protect against casual or coincidental violation
- Countermeasure and detection effectiveness capable of delaying or denying an attack for a period of 4 to 8 hours

Security level 2
Security level with the following attributes:
- Intended to protect against intentional violation using simple means with low resources, generic skills and low motivation
- Countermeasure and detection effectiveness capable of delaying or denying an attack for a period of days
- Order of magnitude improvement in risk reduction factor (RRF) over a security level 1

Security level 3
Security level with the following attributes:
- Intended to protect against intentional violation using sophisticated means with moderate resources, IACS specific skills and moderate motivation
- Countermeasure and detection effectiveness capable of delaying or denying an attack for a period of days to weeks
- Order of magnitude improvement in risk reduction factor (RRF) over a security level 2

Security level 4
Security level with the following attributes:
- Intended to protect against intentional violation using sophisticated means with extended resources, IACS specific skills and high motivation
- Countermeasure and detection effectiveness capable of delaying or denying an attack for a period of weeks to months
- Order of magnitude improvement in risk reduction factor (RRF) over a security level 3.

Threat
1) Potential for violation of security, which exists when there is a circumstance, capability, action or event that could breach security and cause harm.
2) Circumstance or event with the potential to adversely affect organizational operations (e.g., mission, functions, reputation), organizational assets, IACS, or personnel via means contrary to security policy, intentionally or unintentionally cause the destruction, disclosure, modification of data, control logic, SCAI logic, and/or denial of service.

Threat agent
Method(s), individual(s) or organization(s) that could breach the security of a facility, operation or system by exploiting a vulnerability

Threat vector [ISA-62443-1-2]
Path or means by which a threat agent can gain access to an asset resulting in a negative outcome

Unmitigated cyber risk
Level of risk that is present in a system before any cybersecurity countermeasures are considered

Vulnerability [ISA-62443-1-2, slight revision to no. 2]
1) Flaw or weakness in a system's design, implementation, or operation and management that could be exploited to violate the system's integrity or security policy.
2) Weakness in an IACS function, procedure, internal control or implementation that could be exploited or triggered by a threat source, either intentionally designed into computer components (e.g., remote port access) or accidentally inserted at any time during the lifecycle.

Zone [ISA-62443-3-3]
Grouping of logical or physical assets that share common security requirements.

Note to entry: A zone has a clear border. The security policy of a zone is typically enforced by a combination of mechanisms both at the zone edge and within the zone.

For additional definitions, see IEC-61511 [2], ISA-84.00.01-2004 [3], and ISA-62443-1-2 [5].

3.2 Abbreviated terms and acronyms

The abbreviated terms and acronyms used in this document are defined as follows:

ACL    Access Control List
APT    Advanced Persistent Threat
ALARP  As Low as Reasonably Practical
ANSI   American Nati
