ISA TR84.00.09 PART 1 PDF

The intent of this document is to address and provide guidance for the integration of cybersecurity into the safety lifecycle as it relates to process safety controls alarms and interlocks (PSCAI) , inclusive of safety instrumented systems (SISs). This scope includes the work processes and security measures used throughout the life of a facility, from conceptual design to decommissioning, to reduce the risk from cybersecurity threats to the industrial automation and control system (IACS) to levels deemed tolerable by the asset owner.

From an IACS perspective, the scope includes a reference model that includes levels 0 through 3.5 as shown in Figure 3.

This scope provides recommendations to ensure process safety controls alarms and interlocks are adequately secure due to the potential for cyberattacks. These can act like common cause failures that initiate hazardous scenarios while also preventing instrumented protection functions, including the SIS, from performing their intended purpose. The scope intends to address cybersecurity from both external and internal threats. Although not directly within the scope, enterprise networks/business networks that interface with the IACS network represent a threat vector to the PSCAI systems or contain security measures that reduce the risk to the PSCAI systems from external cyber-threats. As such, the interface or the portion that overlaps between operational technology (OT) responsible for the design, operation, and maintenance of the facility, and information technology (IT), responsible for corporate enterprise IT functions, is included in the scope and can be considered a joint responsibility.

Whenever remote activities or cloud applications perform functions associated with any level from 0 through 3.5, these remote functions are part of the scope.

The scope does not address non-cyber-related physical plant protection (e.g., bollards, personnel safety guards, etc.), but does include physical access control of the IACS.