NAMUR NA 163 "Security Risk Assessment of SIS"


The “Automation Security” working group WG 4.18 of NAMUR (the “User Association of Automation Technology in Process Industries”) has released Worksheet NA 163 “Security Risk Assessment of SIS”

Abstract: IEC 61511 asks for IT - Risk assessments for Safety Instrumented Systems. NA 163 describes who, how often and for which scope the Risk Assessment should be done. Using a Checklist to SIS - Engineer with basic knowledge of IT and Networking is able to perform the assessment.

IEC 61511-1: 2016 clauses that address SIS cyber security / cyber risks:
IEC 61511-1: 2016. Functional safety - Safety instrumented systems for the process industry sector - Part 1: Framework, definitions, system, hardware and application programming requirements

  • Clause 8.2.4: A security risk assessment shall be carried out to identify the security vulnerabilities of the SIS.
  • Clause 11.2.12: The SIS design will provide the necessary resilience against the identified security risks.