Dynamic and Integrated Safety and Security Barrier Management in the Chemical Process Industries
S. Yuan (TU Delft - Safety and Security Science)
G.L.L.M.E. Reniers – Promotor (TU Delft - Safety and Security Science)
M. Yang – Copromotor (TU Delft - Safety and Security Science)
Other than for strictly personal use, it is not permitted to download, forward or distribute the text or part of it, without the consent of the author(s) and/or copyright holder(s), unless the work is under an open content license such as Creative Commons.
Abstract
Concerning accidental and intentional major adverse events in the chemical process industries, and in particular the emerging cyber-to-physical (C2P) attack risks that accompany the automation and digitization of industrial control systems, this study investigates dynamic and integrated safety and security barrier management for ensuring the safety and security of chemical plants in the Industry 4.0 era. To achieve the objectives of this study, the following research steps have been taken.
A systematic review has been conducted to understand the definitions and classifications of safety and security barriers and to gain insight into their fundamental aspects. Existing methodologies for the performance assessment and management of safety and security barriers have also been reviewed and discussed to identify research gaps, which provide the foundation for the subsequent steps.
Having identified the multi-dimensional risks (safety risks, physical attack risks, and C2P attack risks) threatening industrial control systems in chemical plants, an integrated approach is developed to construct accident scenarios covering both safety hazards and security threats and to quantitatively assess the risk of chemical facilities, taking into account the interdependency between safety risks and security risks.
To address the uncertainties associated with the integrated safety and security risks, particularly the uncertainty in attackers' knowledge levels, a vulnerability assessment model is developed for C2P attacks, and Monte Carlo simulation is combined with a Bayesian network model to propagate uncertainty through the risk assessment. Furthermore, combining cost-effectiveness analysis with a risk matrix yields the most cost-effective strategy for safety and security barrier enhancement.
A novel approach to risk-based barrier maintenance is developed to tackle the challenges of barrier optimization problems with large solution spaces. Accident scenarios regarding safety and physical security are constructed using an extended bow-tie diagram and then modeled in MATLAB/Simulink simulations. A combination of cost-effectiveness analysis and genetic algorithms is employed to find an approximately optimal strategy for barrier maintenance.
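The two ideas that recur in the steps above, propagating uncertainty about the attacker's knowledge level through an integrated safety/security scenario and ranking barrier enhancements by cost-effectiveness, can be sketched on a toy bow-tie. The following Python is an added illustration written for this page; it is not the thesis's model, and every number in it (initiating-event frequencies, the knowledge-level prior, C2P success probabilities, barrier PFDs, enhancement costs) is constructed. It models one top event (reactor overpressure) reached either by a process upset or by a C2P attack, with a network-reachable safety instrumented system (SIS) that an attacker can defeat outright and a mechanical relief valve (PSV) that cannot, samples the attacker's knowledge level and the barrier PFDs by Monte Carlo, and then ranks three hypothetical enhancements by risk reduction per euro.

```python
"""Added example: Monte Carlo propagation of attacker-knowledge uncertainty
through a combined safety/C2P scenario, plus cost-effectiveness ranking of
barrier enhancements. Not the thesis's model; all values are constructed."""
import math
import random
from statistics import mean, quantiles

# Constructed scenario: reactor overpressure reached by two initiating paths.
SAFETY_IE_FREQ = 0.1       # /yr, process upset (e.g. cooling failure)
CYBER_ATTEMPT_FREQ = 0.05  # /yr, attack attempts against the control network

# Uncertain attacker knowledge: prior over levels and the probability that an
# attempt at that level compromises the basic process control system.
KNOWLEDGE_PRIOR = {"novice": 0.6, "skilled": 0.3, "expert": 0.1}
C2P_SUCCESS = {"novice": 0.05, "skilled": 0.30, "expert": 0.80}

# Barriers on the path to the top event. A network-reachable barrier can be
# defeated by the attacker; a mechanical one only fails on demand (its PFD).
BARRIERS = {
    "SIS": {"pfd": 1e-2, "cyber_bypassable": True},   # safety instrumented system
    "PSV": {"pfd": 1e-3, "cyber_bypassable": False},  # pressure relief valve
}


def top_event_frequency(barriers, p_compromise):
    """Point estimate (/yr) of the top event for given barrier PFDs and a
    probability that a cyber attempt compromises the control system."""
    sis, psv = barriers["SIS"], barriers["PSV"]
    # Safety path: upset AND SIS fails on demand AND PSV fails on demand.
    safety_path = SAFETY_IE_FREQ * sis["pfd"] * psv["pfd"]
    # C2P path: a bypassable SIS is disabled by the attacker; otherwise it
    # still has to fail on demand. The mechanical PSV is out of reach.
    sis_defeated = 1.0 if sis["cyber_bypassable"] else sis["pfd"]
    cyber_path = CYBER_ATTEMPT_FREQ * p_compromise * sis_defeated * psv["pfd"]
    return safety_path + cyber_path


def expected_compromise_prob(prior=KNOWLEDGE_PRIOR, success=C2P_SUCCESS):
    """Marginalise the C2P success probability over the knowledge-level prior."""
    return sum(prior[k] * success[k] for k in prior)


def monte_carlo(n=20000, error_factor=3.0, seed=1):
    """Propagate uncertainty: sample the attacker's knowledge level from the
    prior and each PFD from a lognormal whose median is the nominal value."""
    rng = random.Random(seed)
    sigma = math.log(error_factor) / 1.645   # 95th percentile = median * EF
    levels, weights = zip(*KNOWLEDGE_PRIOR.items())
    samples = []
    for _ in range(n):
        level = rng.choices(levels, weights)[0]
        sampled = {
            name: {**b, "pfd": b["pfd"] * math.exp(rng.gauss(0.0, sigma))}
            for name, b in BARRIERS.items()
        }
        samples.append(top_event_frequency(sampled, C2P_SUCCESS[level]))
    return {"mean": mean(samples), "p95": quantiles(samples, n=20)[-1]}


def enhancement_options():
    """Hypothetical enhancements: (label, modified barrier set, cost in EUR)."""
    isolate = {**BARRIERS, "SIS": {"pfd": 1e-2, "cyber_bypassable": False}}
    second_psv = {**BARRIERS, "PSV": {"pfd": 1e-4, "cyber_bypassable": False}}
    lower_pfd = {**BARRIERS, "SIS": {"pfd": 1e-3, "cyber_bypassable": True}}
    return [
        ("isolate SIS from the control network", isolate, 50_000),
        ("add a second relief valve", second_psv, 80_000),
        ("upgrade SIS to a lower PFD", lower_pfd, 120_000),
    ]


def rank_by_cost_effectiveness(options=None):
    """Risk reduction (/yr) per euro for each option, best first."""
    p = expected_compromise_prob()
    baseline = top_event_frequency(BARRIERS, p)
    ranked = []
    for label, barriers, cost in (options or enhancement_options()):
        reduction = baseline - top_event_frequency(barriers, p)
        ranked.append((label, reduction / cost))
    return sorted(ranked, key=lambda t: t[1], reverse=True)


if __name__ == "__main__":
    print("baseline /yr:", top_event_frequency(BARRIERS, expected_compromise_prob()))
    print("Monte Carlo:", monte_carlo())
    for label, ce in rank_by_cost_effectiveness():
        print(f"{ce:.2e} risk reduction per EUR: {label}")
```

The point the ranking makes is the interdependency the thesis refers to: with these constructed numbers the C2P path dominates, so isolating the SIS from the network buys more risk reduction per euro than either a second relief valve or a lower-PFD SIS, and the SIS upgrade barely helps at all because the attacker bypasses it rather than waiting for it to fail on demand. The Monte Carlo mean sits above the point estimate because the lognormal PFD samples are right-skewed, which is why a risk-matrix placement should use the distribution rather than the nominal value.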
Multiple data sources (periodic proof-test data, continuous condition-monitoring data, and accident precursor data) are combined to enable continuous safety barrier improvement by revealing the degradation of safety barriers and performing dynamic risk assessment. Furthermore, multi-source data capable of revealing risk variations are characterized and incorporated into the barrier management framework to enable dynamic and integrated safety and security barrier management. Dynamic and integrated safety and security barrier management has the advantage of adapting in a timely manner to new evidence and continuously keeping the integrated safety and security risks at acceptable levels.
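One concrete way the "new evidence" in the paragraph above can drive a dynamic re-assessment is conjugate Bayesian updating: proof-test records update the barrier's dangerous-undetected failure rate, precursor records update the demand rate, and the product is compared with an acceptance criterion. The Python below is an added illustration, not the thesis's method; the Gamma-Poisson model, the low-demand approximation PFD_avg = lambda_DU * T / 2, the prior parameters, the acceptance threshold and the proof-test and precursor records are all assumptions constructed for the example, and condition-monitoring data are not modeled.

```python
"""Added example: Bayesian updating of a barrier's failure rate from proof-test
records and of the demand rate from precursor records, then a risk re-check.
Not the thesis's model; priors, threshold and records are constructed."""
from dataclasses import dataclass


@dataclass
class GammaRate:
    """Gamma(alpha, beta) belief over an event rate (events per unit time).
    It is conjugate to Poisson counts, so an update is a pair of additions."""
    alpha: float
    beta: float

    def update(self, events, exposure):
        return GammaRate(self.alpha + events, self.beta + exposure)

    @property
    def mean(self):
        return self.alpha / self.beta


# Constructed proof-test records: each test inspects `channels` identical
# channels after `interval` years and reports how many were found in a
# dangerous undetected failed state. The rising count signals degradation.
PROOF_TESTS = [  # (channels, interval_years, failures_found)
    (4, 1.0, 0),
    (4, 1.0, 0),
    (4, 1.0, 1),
    (4, 1.0, 2),
]
# Constructed precursor log: near-miss demands on the barrier per year.
PRECURSORS = [  # (demands, years)
    (1, 1.0), (0, 1.0), (3, 1.0), (2, 1.0),
]

# Constructed priors: generic failure-rate data (mean 0.01 /yr) and a weak
# demand-rate prior (mean 1 /yr); acceptance criterion 1e-2 /yr.
PRIOR_LAMBDA_DU = GammaRate(alpha=0.5, beta=50.0)
PRIOR_DEMAND = GammaRate(alpha=1.0, beta=1.0)
ACCEPTABLE_FREQ = 1e-2


def update_failure_rate(prior, tests):
    """Fold each proof test into the DU failure-rate belief; the exposure is
    channels * interval, i.e. channel-years on test."""
    belief = prior
    for channels, interval, failures in tests:
        belief = belief.update(failures, channels * interval)
    return belief


def update_demand_rate(prior, precursors):
    """Fold precursor demands into the demand-rate belief."""
    belief = prior
    for demands, years in precursors:
        belief = belief.update(demands, years)
    return belief


def pfd_avg(lambda_du, test_interval):
    """Low-demand approximation: PFD_avg ~ lambda_DU * T / 2."""
    return lambda_du * test_interval / 2.0


def assess(tests=PROOF_TESTS, precursors=PRECURSORS, test_interval=1.0,
           prior_lambda=PRIOR_LAMBDA_DU, prior_demand=PRIOR_DEMAND,
           acceptable_freq=ACCEPTABLE_FREQ):
    """Dynamic risk check: posterior failure and demand rates give the
    expected frequency (/yr) of the barrier failing when it is needed."""
    lam = update_failure_rate(prior_lambda, tests)
    dem = update_demand_rate(prior_demand, precursors)
    freq = dem.mean * pfd_avg(lam.mean, test_interval)
    action = ("acceptable" if freq <= acceptable_freq
              else "shorten test interval or repair barrier")
    return {"lambda_du": lam.mean, "demand_rate": dem.mean,
            "unmitigated_freq": freq, "action": action}


if __name__ == "__main__":
    print("with degradation evidence:", assess())
    print("with clean proof tests:   ", assess(tests=[(4, 1.0, 0)] * 4))
```

With the constructed records the posterior failure rate rises from the generic 0.01 /yr to about 0.053 /yr and the demand rate to 1.4 /yr, so the expected frequency of an unmitigated demand exceeds the 1e-2 /yr criterion and the check calls for a shorter proof-test interval or a repair; with four clean proof tests the same data pipeline returns "acceptable". The conjugate form never forgets old evidence, so a practitioner who wants the estimate to track ongoing degradation would add a forgetting factor or a time-varying rate, which is outside this sketch.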
Finally, all methodologies developed in this study are structured into a systematic framework to foster the application of dynamic and integrated management of safety and security barriers in practice.