Open-PHA™ has been upgraded to include the ability to perform a Security PHA Review (SPR – pronounced ‘spur’) directly in the PHA study. The advantages of this approach is that it allows for cyber security concerns to be addressed during a PHA study without expending excessive team time and the documentation of the SPR is directly included in the PHA report. The software upgrade includes fields related to causes and safeguards where they can be designated as “hackable” or “not-hackable”. If all of the safeguards of a hackable cause are also hackable, then the entire scenario is hackable, resulting in the need for a recommendation of either a non-hackable safeguard or more advanced cybersecurity practices that are defined through the assignment of a Security Level (SL) as defined in IEC 62443.
You can download your free fully functional Open-PHA™ Desktop version of our software here.
If you’re not familiar with what a SPR is, check out this article from ISA. Also, Kenexis is nearly finished with its SPR book to be published through ISA. Keep checking our blog for release announcements.
https://automation.isa.org/2018/01/managing-cybersecurity-threat-hazardous-process-plants/