(18b) Cybersecurity Testing: Industrial Automation Control Systems Design; The Value and Need of Iacs Security FAT and Iacs Security SAT

Control system vendors today have adapted their technologies to support the cybersecurity mission allowing for better architecture and methods of security. Many have created their own cybersecurity guidelines and references for proper implementation strategies.

Often the vendor delivery services group while under pressure to provide the operational design features of the control system and safety system mean well in their actions but in many situations, cybersecurity while important, is usually less of a priority in the preparation for traditional factory acceptance testing (FAT). In today’s ever connected world the design and delivery should have cybersecurity at the core of the mission and tied to safety leading up to FAT and site acceptance testing (SAT) and at handoff/handover and signoff.

This talk will discuss the strategy and alignment for asset owner-operators to consider and plan for into their projects. An IACS Cyber Security FAT and IACS Security SAT is an essential task that can and should be part of every project. Having an external assessor to test and verify is an important part of the process and is best when the assessor is outside that of the vendor and the owner-operator for security control verifications. Referencing ISA/ANSI 62443-3-3 and the approach.