산업제어시스템 통합에 따른 안전계장 시스템 사이버 보안 취약점 평가 및 대응방안 연구A Study on the Evaluation of Cybersecurity Vulnerabilities in Safety Instrumented System Based on Industrial Control System Integration and Its Counterplan
- Other Titles
- A Study on the Evaluation of Cybersecurity Vulnerabilities in Safety Instrumented System Based on Industrial Control System Integration and Its Counterplan
- Authors
- 김상기; 김영세; 박진형; 유명희; 전진우; 박교식
- Issue Date
- Dec-2022
- Publisher
- 한국위험물학회
- Keywords
- safety instrumented system; TRITON; cybersecurity; ICS. DCS
- Citation
- 한국위험물학회지, v.10, no.2, pp.65 - 71
- Journal Title
- 한국위험물학회지
- Volume
- 10
- Number
- 2
- Start Page
- 65
- End Page
- 71
- URI
- http://scholarworks.bwise.kr/ssu/handle/2018.sw.ssu/43069
- DOI
- 10.31333/kihm.2022.10.2.65
- ISSN
- 2288-6338
- Abstract
- Although the Safety Instrumented System has been operated independently among industrial control systems for a long time, recently the industrial control system has been released as an integrated Distributed Control System based on an open platform because it is more cost-effective simplified and enhanced approach for advanced functional safety however it could be vulnerable to cybersecurity sector. Without considering of cybersecurity, the SIS has no guarantee its secured from cyberattacks. The discovery of the TRITON melware, which is targeting the SIS in 2017, is emphasized in the connection between the SIS and the DCS. Considering these issues the IEC Standard 61511 Second Edition which guarantees the functional safety of industrial processes updated new explicit requirement to conduct a security risk assessment. This study aims to investigate whether the Safety Instrumentation System (SIS), which has long been independently classified in the industrial control system considered irrelevant to cybersecurity problems, has become an appropriate cybersecurity design due to connection with the DCS, and to present vulnerability measures. For this study four domestic oil refineries and six petrochemical NCC plants were selected to analyze security design and weaknesses. As a result of all of plants were vulnerable to cybersecurity vulnerability therefore, the SIS is needed to be included appropriate design and assessment as part of the enhancement process.
- Files in This Item
-
Go to Link
- Appears in
Collections - ETC > 1. Journal Articles
Items in ScholarWorks are protected by copyright, with all rights reserved, unless otherwise indicated.