Abstract
Safety instrumented systems (SIS) as defined in IEC 61508 and IEC 61511 are very important for the safety of offshore oil and natural gas installations. Partly as a consequence of the evolving 'integrated operations' concept, a need is emerging for remote access to such systems from vendors external to the operating company. This access will pass through a number of IP-based networks used for other purposes, including the open internet. This raises a number of security issues, ultimately threatening the safety integrity of SIS. In this article, we present a layered network architecture that represents current good practice for a solution to ensure secure remote access to SIS. Also, a method for assessing whether a given solution for remote access to SIS is acceptable is described.
