John Cusimano, CISSP, GICSP, CFSE, is the Director of Industrial Cybersecurity for aeSolutions. John is an industrial control systems cybersecurity and functional safety expert with more than twenty years of experience. He leads the cybersecurity group for aeSolutions, a process safety consulting, engineering and automation company that provides process safety lifecycle solutions and tools.
John has performed countless control system cybersecurity vulnerability and cyber risk assessments in the Oil & Gas, Chemical, Water/Wastewater, and Power industries per ISA/IEC 62443 and NERC CIP standards. He has also overseen and participated in the security testing and certification of several control and safety systems per the ISASecure™ and Achilles™ security certification programs. A leader in the development of ICS cybersecurity standards and best practices, John is Chairman of ISA 99 WG4 TG2 Zones & Conduits committee and co-chair of ISA 99 WG4 TG6 Product Development committee. He was instrumental in the development of the ISASecure certification scheme and was recently appointed as US Expert to the IEC TC65 WG10 committee. John is also the lead course developer and instructor for the ISA IC32 training course, “Using the ANSI / ISA 62443 Standards to Secure Your Industrial Control System.”
A refinery attempted to upgrade their almost 10-year-old process control network (PCN) switches in one unit during a planned maintenance window. The new switches were updated models made by the same manufacturer as the legacy switches. Workers moved the configuration files over, double and triple checked everything, installed the new switches and the unit was […]
Leveraging Mature Process Safety Risk Management Techniques to Address Industrial Cybersecurity Risk
Functional safety assessments have been a well-established practice since the 1990s to help organizations identify and manage industrial hazards. One of the most important is the Process Hazard Analysis (PHA) requirement and its associated Hazards and Operability Study (HAZOP) methodology, a technique used […]
Cyber PHA – The Perfect Technique to Ensure Your Safety Instrumented Systems (SIS) are Cyber Secure
In 2016, the global functional safety standard, IEC 61511, was updated to include two requirements regarding the security of a SIS. The first requirement states, “a security risk assessment shall be carried out to identify the security vulnerabilities of […]
In the past, many people believed that safety instrumented systems (SIS) were immune to cybersecurity issues because they were either completely separate, or they were connected, but independent from the control system. Unfortunately, in today’s world, that thinking can be very dangerous. Cybersecurity threats can have a significant impact on the availability and integrity of […]
By Gregory Hale, Writer | John Cusimano, aeSolutions Contributor | Published: April 25, 2018 | ISSSource.com
Safety can learn from security and security can learn from safety, but now security can help protect safety by using a safety tool. Sound confusing? Just ask John Cusimano. “We are seeing more and more attacks on OT (operational technology),” said Cusimano, director of […]
The purpose of this paper is to raise awareness around common OSI Layer 2 networking misconfigurations found in Industrial Process Control Networks. These misconfigurations often introduce significant security vulnerabilities and negatively impact ICS availability. We’ll discuss the commonly found misconfigurations and demonstrate how they impact ICS security and availability, and present a case study from an oil & gas refinery that suffered widespread PCN outages as a result of these misconfigurations when attempting to upgrade two existing PCN switches.
The 2016 edition of IEC 61511-1 added two new requirements regarding the security of safety instrumented systems (SIS). The first requirement states that “a security risk assessment shall be carried out to identify the security vulnerabilities of the SIS” and the second requirement states that “the design of the SIS shall be such that it provides the necessary resilience against the identified security risks”. The standard directs the reader to ISA TR84.00.09, ISO/IEC 27001:2013, and IEC 62443-2-1:2010 for further guidance on how to comply with these requirements. While these documents are informative, the 479 combined pages do not provide concise guidance on how to address the specific security requirements. The purpose of this paper is to offer step-by-step guidance on how to address the security requirements in IEC 61511 and to identify specific clauses in the reference standards for further information.
The convergence of Information Technology (IT) and Operations Technology (OT) platforms has exposed modern industrial automation systems to increased risk. Cyber threats have the potential to affect multiple layers of protection, including basic process control, process alarms and safety instrumented systems. In certain circumstances it may be possible for a single cyber threat to simultaneously defeat all three layers of protection. Unfortunately, traditional process hazard evaluation and mitigation techniques such as HAZOP and LOPA do not include a requirement to evaluate or mitigate cyber threats. This paper examines two aspects of integrating cybersecurity and process safety risk management.
The majority of process plants today are controlled and operated by automation systems built on Ethernet TCP/IP networks and legacy Microsoft operating systems. These systems are vulnerable to cybersecurity breaches resulting in potentially significant risks. Standards have been developed on how to assess and mitigate cyber risks to these systems. This paper provides an introductory summary of these topics.