Cybersecurity Risks to Automated Safeguards: Preventing Common Cause Failures | exida


Securing Automated Safeguards from Cyberattack

Process plants rely on multiple independent layers of protection to mitigate operational risks. These safeguards range from mechanical devices, such as pressure relief valves, to automated systems including basic process control system (BPCS) interlocks, alarms, and safety instrumented functions (SIFs). Traditional safety risk assessments assume these layers fail independently, so that the probability of all of them failing at once is the product of their individual failure probabilities. A cybersecurity incident breaks that assumption: a single point of entry can compromise several automated layers at the same time, collapsing the credited risk reduction to that of the mechanical safeguards alone.

This paper identifies several common vulnerabilities that an attacker can exploit to trigger common-cause failures across both control and safety functions. Key focus areas include the unauthorized bypass of safety-critical components from operator workstations, the use of a shared engineering workstation or laptop to configure devices that serve both control and safety roles, and the risks of credentials shared between control and safety systems. The paper closes with best practices for securing safety-critical systems and a framework for adding cybersecurity-driven independence requirements to existing process safety management activities, such as layer of protection analysis and SIF assessments.
