Safety and cybersecurity

 

In control systems such as a DCS, any incorrect data can potentially lead to a safety incident, whether or not a safety instrumented system (SIS) is involved. The integrity of Modbus data transactions must therefore be assured: the correct data has to arrive, error-free, at and from where it is supposed to go. Standard Modbus has error-detection capabilities such as parity, CRC/LRC, and checksums, as well as diagnostics from the slave/server or master/client interfaces.

Modbus is commonly used to read data and status from the SIS for the SIS HMI, as required by the SIS standard IEC 61511. The SIS HMI is typically on the basic process control system (BPCS), commonly a DCS. Writing to the SIS via Modbus is less common and should be done cautiously. Failure of the Modbus communication link between the BPCS and the SIS should not compromise the safety integrity of the safety functions in the SIS.

Essentially, a failure of the Modbus link must not be able to affect the SIS safety integrity. Potential failures include those caused by a security breach that affects the Modbus data and the SIS safety integrity. By its hardwired nature, Modbus serial has less cybersecurity exposure than Ethernet-based client/server communications using Modbus TCP.

The Modbus TCP network’s cybersecurity exposure can be further reduced by using security appliances or firewalls specifically designed for Modbus with deep packet inspection, such as those available from Tofino Security.
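To make the deep packet inspection idea concrete, here is an added example (not from the original post and not any vendor's implementation) of a read-only policy check on Modbus TCP request frames, in line with the caution above about writing to the SIS. The allowed unit IDs, the address window, and the sample frames are constructed assumptions.

```python
import struct

# Read-only function codes and their maximum quantity per request
# (Modbus application protocol: 2000 coils/inputs, 125 registers).
READ_FUNCTIONS = {0x01: 2000, 0x02: 2000, 0x03: 125, 0x04: 125}

def inspect_request(adu, allowed_units, addr_window):
    """Return (allow, reason) for one Modbus TCP request frame."""
    if len(adu) < 8:
        return False, "truncated frame"
    _tid, proto, length, unit = struct.unpack(">HHHB", adu[:7])
    if proto != 0:
        return False, "protocol id is not 0"
    # MBAP length counts the unit id plus the PDU (at most 253 bytes).
    if length != len(adu) - 6 or length > 254:
        return False, "MBAP length does not match frame"
    if unit not in allowed_units:
        return False, "unit id not allowed"
    func = adu[7]
    if func not in READ_FUNCTIONS:
        return False, f"function 0x{func:02x} is not a permitted read"
    if len(adu) != 12:  # read requests are exactly: func, start, quantity
        return False, "malformed read request"
    start, qty = struct.unpack(">HH", adu[8:12])
    if not 1 <= qty <= READ_FUNCTIONS[func]:
        return False, "quantity out of range"
    lo, hi = addr_window
    if start < lo or start + qty - 1 > hi:
        return False, "address outside permitted window"
    return True, "ok"

def frame(tid, unit, pdu):
    """Build a constructed test frame: MBAP header + PDU."""
    return struct.pack(">HHHB", tid, 0, len(pdu) + 1, unit) + pdu

# Constructed sample requests (not captured traffic).
SAMPLES = {
    "read_holding": frame(1, 1, struct.pack(">BHH", 0x03, 0, 10)),
    "write_register": frame(2, 1, struct.pack(">BHH", 0x06, 5, 1)),
    "read_outside_window": frame(3, 1, struct.pack(">BHH", 0x03, 95, 10)),
    "wrong_unit": frame(4, 9, struct.pack(">BHH", 0x03, 0, 10)),
    "bad_length": frame(5, 1, struct.pack(">BHH", 0x03, 0, 10))[:-1],
}

if __name__ == "__main__":
    for name, adu in SAMPLES.items():
        print(name, inspect_request(adu, allowed_units={1}, addr_window=(0, 99)))
```

The check is default-deny: any function code outside the four reads, including every write and diagnostic code, is rejected before its payload is examined.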

A security appliance/Modbus firewall should always be placed between a Modbus TCP network and a Modbus serial network, and between any remote access connection and a Modbus Ethernet network. The figure below shows a simple network example for Modbus TCP/Serial with SIS systems.





