This report is related to the concern that a cyber-security risk could cause a safety risk and furthermore an accident. There is already a tradition for how to treat safety risks related to automated machinery, but cyber-security is quite new aspect. A cyber-security issue can cause malfunction of a safety function or inherently safe design can be somehow bypassed. When looking the risks in details, it can be seen that the cyber-security/safety risk of automation is usually related to the safety integrity, availability or response time of the safety-related control system. Furthermore, the cyber-security issue is usually related to software and human access to the system. The risk assessment processes for safety and cyber-security have similar phases, but the point of view is different. The cause of an incident is from the safety point of view usually failure, misuse or disturbance of a system whereas from the cyber-security point of view an incident may originate from a threat and vulnerability and in most cases human is causing it. We conclude that it would be difficult to benefit from a complete integration of safety and cyber-security risk assessment processes into a single analysis, because there would be so many aspects to consider and only few mutual effects. lt is recommended that the risks assessments are compiled separately, however, any identified safety-critical cyber-security issues should be added to the safety risk assessment process and associated risk treatment be validated according to safety process. The conclusion related to functional safety and cyber-security can be mutual.
|Series||VTT Research Report|