IMPORTANCE OF CYBER SECURITY ANALYSIS IN THE OPERATIONAL TECHNOLOGY SYSTEM LIFECYCLE

This research focuses on the importance of cyber security analysis in the operational technology system lifecycle. Specifically, cyber security issues are analyzed when using information technology workstations to manage modern safety instruments that are critical components of safety instrumented systems. Attack paths and security controls in real-world industrial control safety system architectures typically used in the oil and gas sector are examined to determine whether a safety-instrumented-system-mediated architecture could provide better protection against unauthorized and malicious safety instrument configuration changes than a multiplexer-mediated architecture. The determination leveraged crafted assessment questions that were answered using standard cyber security assessment methods.The research reveals that recurring vulnerabilities exist in all safety systems due to design issues in safety instruments, the Highway Addressable Remote Transducer protocol, third-party device management software and safety instrument management solutions. Additionally, device-native hardware write protection provides the best defense followed by safety instrumented system write protection. When using safety instrumented system security controls, a safety-instrumented-system-mediated architecture can protect against unauthorized device reconfigurations better than a multiplexer-mediated architecture. The key insight is that cyber security analyses commonly used in information technology systems must be adapted and used in the lifecycles of operational technology systems such as industrial control systems and safety instrumented systems to manage the safety risks induced by cyber attacks.