Security and Independence of Process Safety and Control Systems in the Petroleum Industry
Onshus, Tor Engebret; Bodsberg, Lars; Hauge, Stein; Jaatun, Martin Gilje; Lundteigen, Mary Ann; Myklebust, Thor; Ottermo, Maria Vatshaug; Petersen, Stig; Wille, Egil
Peer reviewed, Journal article
Published version
Åpne
Permanent lenke
https://hdl.handle.net/11250/3012389Utgivelsesdato
2022Metadata
Vis full innførselSamlinger
- Publikasjoner fra CRIStin - SINTEF AS [6009]
- SINTEF Digital [2568]
- SINTEF Konsernstab [50]
Sammendrag
The developments of reduced manning on offshore facilities and increased information transfer from offshore to land continue and may also be a prerequisite for the future survival of the oil and gas industry. A general requirement from the operators has emerged in that all relevant information from offshore-located systems should be made available so that it can be analysed on land. This represents a challenge to safety in avoiding negative impacts and potential accidents for these facilities. The layered Purdue model, which helps protect OT systems from unwanted influences through network segregation, is undermined by the many new connections arising between the OT systems and the surroundings. Each individual connection is not necessarily a problem; however, in aggregate, they add to the overall complexity and attack surface thereby exposing the OT systems to increased cyber risk. Since the OT systems are critical to controlling physical processes, the added connections represent a challenge not only to security but also to safety.