Integrated management of safety and security in Seveso sites - sociotechnical perspectives

• Published in: Safety science Vol. 151; p. 105741
• Main Authors: Ylönen, Marja, Tugnoli, Alessandro, Oliva, Gabriele, Heikkilä, Jouko, Nissilä, Minna, Iaiani, Matteo, Cozzani, Valerio, Setola, Roberto, Assenza, Giacomo, van der Beek, Dolf, Steijn, Wouter, Gotcheva, Nadezhda, Del Prete, Ernesto
• Format: Journal Article
• Language: English
• Published: Amsterdam Elsevier Ltd 01.07.2022; Elsevier BV
• Subjects: Accidents; Automation; Chemical industry; Content analysis; Cybersecurity; Digitization; Industrial development; Industrial safety; Information technology; Integrated management; Occupational safety; Qualitative analysis; Risk management; Safety; Safety management; Security; Seveso; Sociotechnical; Structure-function relationships; Sociotechnical; Cybersecurity; Safety; Security; Seveso; Integrated management
• ISSN: 0925-7535; 1879-1042
• DOI: 10.1016/j.ssci.2022.105741

•The current risk identification practices in Seveso sites do not help in understanding systemic risks.•Security threat analysis and process-safety analysis are often undertaken independently.•IMSS should pay attention to cyber-attacks on the IT system, compromising sensitive data/information.•IMSS should pay attention to cyber-attacks on the OT system leading to loss of production (e.g., production shutdown).•IMSS should pay attention to cyber-attacks infecting the OT system aimed at generating a major event.•Safety risk identification methods are not suitable for identifying the potential major events or attacks on the OT system.•PHAROS (Process Hazard Analysis of Remote manipulations through the cOntrol System) method was developed in this study.•PHAROS method helps to identify scenarios that can potentially originate from malicious manipulations, which may lead to major events.•IMSS lacks institutional support. There are no international standards that require and adequately support IMSS.•The development of IMSS rests on the shoulders of single Seveso companies for now.•The progress of IMSS can be slow and uneven between companies and EU countries. The call for integrated management of safety and security (IMSS) derives from intensification of digitalisation development and the increased reliance on information communication technologies (ICT) in high-risk industries, such as the chemical and process industry. This development means tightened interconnectedness between industrial automation and control and information technology systems. As a result, the risk landscape is changed towards a stronger interconnectedness of safety, physical and (cyber)security risks, which may lead to major accidents. The objective of this paper is to examine the motivations for IMSS, the current state of IMSS, the cybersecurity-induced risks, including the actualisation of interconnected risks and some sociotechnical tools for IMSS in Seveso plants. They are plants where certain quantities of dangerous substances are present, which are subject to the requirements of the Seveso III Directive (2012/18/EU). The data considered is open source and related to cyber and physical security-induced accidents; interviews with the representatives of Seveso sites and regulators; and literature. The method is qualitative content analysis. The results show that, despite the ongoing development in IMSS at the Seveso sites, IMSS is still in its infancy. Indeed, cybersecurity is often handled in a separate IT department, and the communication with process-safety experts is often inadequate. Furthermore, safety and security risk identification and assessment are essentially undertaken separately. To achieve a real IMSS, we argue that the co-existence of technical and organisational, including structural, functional and cultural development is a fundamental aspect. The combination of such complementary aspects represents the main novelty of this study.