For controls engineers involved in building machinery for factories or plants, a recent article from partner publication Control clarifies the importance of managing risks to tolerable levels through safety and security measures, both of which aim to protect people, property and the environment.
The methodologies for achieving these objectives are similar, involving risk analysis to justify the necessary time, effort and investment. However, a key distinction is that safety risk analysis is based on severity and likelihood, while security presumes an inevitable breach.
Standards such as IEC 61508 for safety and IEC 62443 for cybersecurity are horizontal, applying across various industries. Notably, Control highlights the development of industry-specific cybersecurity standards, like the IEC TS 62443-1-5, which provides a framework for compliance certificates based on defined requirements.
Control also underscores the challenge of integrating safety and security expertise due to their specialized nature. Safety experts focus on process protection and controls, whereas security experts understand network and system communications.
Effective risk management necessitates early collaboration between these groups during the design process to understand mutual impacts and address potential conflicts. Learn more about it in the full article from Control.
