Functional integrity certification exida

Shanghai: Oil Gas Petrochemical Seminar: exida presentation (Koen Leekens)


  1. Functional Integrity Certification™: The First Combined Certification for Functional Safety and Functional Security. Shanghai, 16 March 2011, Koen Leekens. exida contacts: Singapore +65 6222 5160; Canada +1 403 475 1943; Shanghai +86 21 5171 7250; United Kingdom +44 2476 456 195; Hong Kong +852 2633 7727; Netherlands +31 318 414 505; Germany +49 89 4900 0547; Australia / NZL +64 3 472 7707; USA +1 215 453 1720; Mexico +52 55 5611 9858; Switzerland +41 22 364 14 34; South Africa +27 31 267 1564. Copyright exida LLC ® 2000-2011
  2. “SAFETY” is not “SECURITY”. Piper Alpha 1988: “Lessons learned” improve Safety.
  3. “Disabled” Safety is not SAFE! Incident with “Certified” Boiler: Anti-Virus Software prevents Safety Shutdown. Source: www.securityincidents.org
  4. “Disabled” Safety is not SAFE! Advanced Technology introduces new THREATS? Explosion of “Certified” Boiler: Anti-Virus Software prevents Safety Shutdown. Source: www.securityincidents.org
  5. exida Functional Integrity Certification™ = Functional Safety Certification™ + Functional Security Certification™. “Integrity is doing the right thing, even if nobody is watching.” (Anonymous)
  6. Who we are: Founded in 1999 by experts from Manufacturers, End Users, Engineering Companies and TÜV Product Services. Today: LARGEST Functional Safety and Cyber Security consultancy and certification body worldwide. “Provide independent services and tools to help customers comply to any industry standards for Functional Safety, Cyber Security and Alarm Management.” Rainer Faller: Former Head of TÜV Product Services; Chairman German IEC 61508; Global Intervener ISO 26262 / IEC 61508; Author of several Safety Books; Author of IEC 61508 parts. Dr. William Goble: Former Director Moore Industries; Developed FMEDA Technique (PhD); Author of several Safety Books; Author of several Reliability Books.
  7. Where we are (map of exida offices).
  8. What we do. EXIDA SCOPE: Functional Safety, Cyber Security, Reliability, Alarm Management. SERVICES: Tools, Training, Consultancy, Certification, Reference Materials. INDUSTRIES: Process Industry, Automotive, Machine Industry, Power Industry, Rail. CUSTOMERS: End Users, Equipment Manufacturers, Engineering Companies, System Integrators.
  9. The exida Library: exida publishes analysis techniques for functional safety; exida authors ISA best-sellers for automation safety and reliability; exida authors the industry data handbook on equipment failure data. www.exida.com
  10. exida Customers (extract from 2000+).
  11. What is…? Functional Safety:
  12. What is…? Functional Safety: “Part of overall safety to protect against incidents caused by incorrect functioning of components/systems”
  13. Why Functional Safety? To provide a safer working environment for people, that is to save lives and protect the environment. To demonstrate compliance with regulatory requirements, that is to avoid fines. To protect investments in plant and equipment and ensure continuous operations, that is to save money.
  14. What is…? SIL: “The Safety Integrity Level is a measure for the effectiveness of the risk reduction that each individual Safety Function is expected to provide”
  15. History of Functional Safety Standards (timeline 1960 to 2015). Relay: Predictable Failures.
  16. History of Functional Safety Standards (timeline 1960 to 2015). Relay: Predictable Failures. PLC: Failure Modes? DIN 31000.
  17. History of Functional Safety Standards (timeline 1960 to 2015). Relay: Predictable Failures. PLC: Failure Modes? DIN 31000. Safety PLC: “AK-Classes”, DIN V 19250, S84.01 (1996).
  18. History of Functional Safety Standards (timeline 1960 to 2015). Relay: Predictable Failures. PLC: Failure Modes? DIN 31000. Safety PLC: “AK-Classes”, DIN V 19250, S84.01 (1996). Safety Loop “Functional”: IEC 61508, IEC 61511, IEC 61513, IEC 62061, ISO 26262, S84.01 (2004).
  19. History of Functional Safety Standards (timeline 1960 to 2015). Relay: Predictable Failures. PLC: Failure Modes? DIN 31000. Safety PLC: “AK-Classes”, DIN V 19250, S84.01 (1996). Safety Loop “Functional”: IEC 61508, IEC 61511, IEC 61513, IEC 62061, ISO 26262, S84.01 (2004). Also Secure?
  20. Which Standard? IEC 61508: Functional Safety for E/E/PES Safety Related Systems.
  21. Which Standard? IEC 61508: Functional Safety for E/E/PES Safety Related Systems. Sector standards: IEC 61513 (Nuclear), IEC 62061 (Machinery), IEC 61511 (Process Industry), ISO 26262 (Road Vehicles).
  22. Which Standard? Device Manufacturers, or where a Sector Specific standard is Not Available: IEC 61508, Functional Safety for E/E/PES Safety Related Systems. Sector standards: IEC 61513 (Nuclear), IEC 62061 (Machinery), IEC 61511 (Process Industry), ISO 26262 (Road Vehicles).
  23. Which Standard? Device Manufacturers, or where a Sector Specific standard is Not Available: IEC 61508, Functional Safety for E/E/PES Safety Related Systems. End Users and Systems Integrators: the sector standards IEC 61513 (Nuclear), IEC 62061 (Machinery), IEC 61511 (Process Industry), ISO 26262 (Road Vehicles).
  24. What do accidents teach us? Flixborough 1974, Seveso 1976, Bhopal 1984, Buncefield 2005.
  25. Primary Cause of Failures? Lifecycle phases: Specification; Design and Implementation; Installation and Commission; Operation and Maintenance; Changes after Commission. More than 80% of Failures: Before Startup. Source: Health, Safety & Environmental Agency. The majority of accidents are … preventable if a systematic Risk-Based Approach is adopted.
  26. IEC 61508/61511 Key Aspects. Safety Integrity Levels to protect against Random Failures (Physical or Hardware Failures). Safety Lifecycle to protect against Systematic Failures (Insufficient Processes and Procedures). Both protection measures are Important. “Having incomplete safety is worse than no safety at all because people are lulled into complacency thinking that safety is managed.”
  27. Product Certification. Functional safety certification for devices is accomplished per IEC 61508. Products are certified to a Safety Integrity Level (SIL). The result is typically a certificate and a certification report. SIL Certification: Vendor showed sufficient protection against Random and Systematic Failures.
  28. Certification versus Prior Use? Certificate: Justification by Vendor. Prior Use: Justification by User.
  29. How to certify a device?
  30. How to certify a device? 1) Analyze Hardware Reliability.
  31. How to certify a device? 1) Analyze Hardware Reliability. 2) Analyze Gaps between existing processes and IEC 61508.
  32. How to certify a device? 1) Analyze Hardware Reliability. 2) Analyze Gaps between existing processes and IEC 61508; Fix Product and Process Gaps.
  33. How to certify a device? 1) Analyze Hardware Reliability. 2) Analyze Gaps between existing processes and IEC 61508; Fix Product and Process Gaps. 3) Safety Justification Report listing how the requirements are met. exida Tools for 1, 2 and 3.
  34. How to certify a device? 1) Analyze Hardware Reliability. 2) Analyze Gaps between existing processes and IEC 61508; Fix Product and Process Gaps. 3) Safety Justification Report listing how the requirements are met for Product and Process. 4) Final Assessment by Independent 3rd Party.
  35. How to certify a device?
      1) Analyze Hardware Reliability.
      2) Analyze Gaps between existing processes and IEC 61508; Fix Product and Process Gaps.
      3) Safety Justification Report listing how the requirements are met for Product and Process.
      4) Final Assessment by Independent 3rd Party.
      5) Certificate and Certification Report.
  36. So what about Functional Security? Security vulnerabilities impact the operation of the Safety System. Safety ONLY is not enough. Disgruntled Contractor “Hacks” Pipeline Leak Detection System. Source: www.securityincidents.org
  37. What is…? Functional Security: “Protection against intentional or unintentional interference with the proper operation of systems/components”
  38. Which Standards? ISA-99, IEC 62443, SP800-82, CSA Z246.1.
  39. Functional Security Certification™
      1) Analyze Hardware Reliability (ISCI).
      2) Analyze Gaps between existing processes and ISA-99; Fix Product and Process Gaps.
      3) Security Justification Report listing how the requirements are met for Product and Process.
      4) Final Assessment by Independent 3rd Party.
      5) Certificate and Certification Report.
  40. Functional Security Certification™: Security is patterned to Safety.
      1) Analyze Hardware Reliability (ISCI).
      2) Analyze Gaps between existing processes and ISA-99; Fix Product and Process Gaps.
      3) Security Justification Report listing how the requirements are met for Product and Process.
      4) Final Assessment by Independent 3rd Party.
      5) Certificate and Certification Report.
  41. Who can certify Safety and Security? Verify Market Recognition: Competency defined by Customers. Nobody Certifies the CERTIFIER. Survey results (International list / North America list): exida 17.2% / 60.7%; TUV Rhineland 6.9% / 12.2%; TUV Sud 1.7% / 3.1%; TUV Nord 1.7% / 1.7%; Wurldtech 0.9% / 0.0%; Other 25.9% / 8.3%. Other includes: SIRA, CSA, FM, UL, BASEEFA, INERIS, DNV and many.
  42. Who can certify Safety and Security? Verify Market Recognition: Competency defined by Customers. Verify Experience: Number of Certifications; Fast Time-to-Market. Number of Certificates - Currently Marketed Products (9/17/2010):
      Certification Agency   Sensors   Logic Solvers   Final Element   Total
      TUV X                        5               2               4      11
      TUV Y                        4               3               0       7
      TUV Z                        4              14               9      27
      exida                       32               6              55      93
  43. How to select the certifier? NOBODY CERTIFIES THE CERTIFIER. Verify Market Recognition: Competency defined by Customers. Verify Experience: Number of Certifications. Verify Excellence / Competency: Involvement of the company with the IEC and ISA standards for Safety and Security. Verify availability of 3rd party Assessment of the Certifier. Market Support Data: Provision of Failure Rate Databases, Books, Whitepapers, Templates… Broad Capabilities: Functional Safety and Functional Security Certification.
  44. “Bypassed” Safety is not SAFE! Piper Alpha 1988: “Lessons learned” improve Safety. Disgruntled Contractor “Hacks” Pipeline Leak Detection System. Source: www.securityincidents.org
  45. “Bypassed” Safety is not SAFE! The Best Safety is Useless when DISABLED. Piper Alpha 1988: “Lessons learned” improve Safety. Disgruntled Contractor “Hacks” Pipeline Leak Detection System. Source: www.securityincidents.org
  46. “Bypassed” Safety is not SAFE! Both SAFETY and SECURITY Matter. Piper Alpha 1988: “Lessons learned” improve Safety. Disgruntled Contractor “Hacks” Pipeline Leak Detection System. Source: www.securityincidents.org
  47. Security Certified Control Systems.
  48. exida Functional Integrity Certification™ = Functional Safety Certification™ + Functional Security Certification™. “Integrity is doing the right thing, even if nobody is watching.” (Anonymous)
