This cybersecurity process safety course is meant to equip process safety professionals with knowledge and skills that can help mitigate the effects of cyber attacks on Industrial control and safety systems. Evaluating cyber threats to plants and taking preventive measures is a part of Process Safety Management. Process Safety professionals have to work in close co-ordination with Industrial Cybersecurity professionals, Instrumentation & Control System engineers, Functional Safety Professionals and cybersecurity practitioners to ensure that cyber attacks on process plants do not cause unwanted incidents.
Cybersecurity and Process Safety
Cybersecurity in the process industries has become very important as there have been several incidents as well as near miss incidents that have been attributed to cyber attacks on Industrial Control systems as well as Safety Instrumented Systems. In the process industries today both safety and cybersecurity have to be managed well in order to prevent disasters and unwanted incidents.
Process Safety depends on several factors including the process design, mechanical integrity and following the correct sequence of operations during all phases including startup and shutdown. Process Safety professionals use various risk assessment methods, such as HAZOP (Hazard and Operability Study), What-If Analysis/SWIFT (Structured What-If Analysis) and LOPA (Layer of Protection Analysis) to evaluate process safety. These methods traditionally do not consider malicious attacks in the evaluation method. However due to the increasing incidents of cyber attacks on Industrial plants, this factor should not also be considered.
Why this course?
Process Safety professionals should be aware of Industrial Cybersecurity when carrying out safety studies of a plant or equipment. Until now, malicious attacks were not factored as one of the possible reasons for process accidents, as the perpetrator had to gain physical access to the plant or equipment to sabotage it. Given that such facilities usually have good perimeter security, this is not considered a credible risk.
The advent of programmable electronic control and automation systems, such as DCS, PLC, SCADA and SIS led to many safeguards being dependent on these systems. If such systems face cyber attacks then the safeguards will fail and it can result in a disaster.
Who should take this course?
This course is meant for Process Safety professionals who have a good working knowledge about risk assessment using techniques such as HAZOP, What-If and/or LOPA, but would like to know about the cyber threats to the plant’s automation, control systems and safety systems, as well as how to incorporate these factors when conducting risk assessment studies. Process Safety professionals can use this knowledge to design better safeguards that reduce the risk of unwanted incidents.
Who is eligible to take this course?
Any Process Safety professional having experience in industry and having knowledge of risk assessment techniques such as HAZOP, can take this course. If you do not have any knowledge of HAZOP, we highly recommend that you take the HAZOP training course first.
What does this course contain?
This course consists of several modules. They are:
1. Overview of Industrial Automation & Control Systems (IACS)
2. Basic Concepts of Cybersecurity
3. Threats, vulnerabilities and attacks on IACS
4. Cyber Risk Assessment for Process Safety Methodology
5. Security HAZOP Review
6. Case Study
7. Self Assessment Test
After completing these modules, you can take the certification exam and earn a certificate and electronic badge.
If you would like to have a complete course on Industrial Cybersecurity then please take the Certified Industrial Cybersecurity Professional (CICP) course here.