Integrating cybersecurity into the risk-based process safety (RBPS) program

With the industry's increasing reliance on computer systems for basic process control and safety functions, industrial processes have become more vulnerable to cybersecurity threats. The recently released CCPS book, Managing Cybersecurity in the Process Industries, A Risk-based Approach, discusses the need for proactive and effective cybersecurity management in the interest of process safety. This paper will share some of the highlights from the book illustrating areas where cybersecurity considerations parallel and complement the key principles of Risk-Based Process Safety (RBPS) elements. This paper will share some lessons from recent cybersecurity incidents impacting process safety and identify avenues where cyberattacks can gain access to the control or safety instrumented systems to cause harm. Finally, we will discuss a sampling of the RBPS elements in more detail to illustrate how cybersecurity can be integrated into the RBPS program.