When an organization begins a safety instrumented systems (SIS) project, one of the first decisions stakeholders must make is a choice of architecture.
It is possible to deliver successful, hardened systems using either an interfaced SIS architecture (the SIS and the basic process control system run on separate platforms and exchange data only through a defined interface) or an integrated one (both run on a common platform and are separated logically rather than physically) within the constraints of international cybersecurity standards such as International Electrotechnical Commission (IEC) 62443 (the ANSI/ISA 62443 family of standards) and local recommendations, such as the guidelines of NAMUR (User Association of Automation Technology in Process Industries). Understanding the distinct benefits and trade-offs of each architecture is critical to making an informed decision on which will best serve the needs of the organization.
Understanding the standards
Cybersecurity standards provide guidelines for separating safety-critical from non-safety-critical components. Under the IEC/ISA 62443 zones-and-conduits model, safety-critical assets must be grouped into their own zones, logically or physically separated from non-safety-critical assets, with all traffic between zones passing through defined and controlled conduits.
NAMUR offers a similar set of guidelines in worksheet NA 163, "Security Risk Assessment of SIS." The worksheet defines three logical zones, the core SIS, the extended SIS, and the surrounding control system architecture (referred to as "peripherals" by NAMUR), which must be physically or logically separated from one another (Figure 1).