Preliminary Safety and Security Co-engineering Process in the Industrial Automation Sector

The Industrial Automation Sector has a long tradition of showing compliance on functional safety. Ultimately, security was taken into account only at production phase and with a reactive approach. However, this domain is experimenting an increasing need to incorporate cyber-security mechanisms and to provide evidences on security-related standards and applying security by design principles. Both domains have their own regulations defining specific life-cycles. In this work we analyzed IEC 61508 (safety-related) and ISA 62443 (security-related) standards to 1) identify commonalities and create a mapping model, and 2) propose a combined process in the context of safety and security co-engineering. Our approach is qualitatively evaluated by experts on the standards and by practitioners of this domain.