COMMENTARY - April 26, 2026

By Sharath Daida, PhD Thesis Resiliency Fellow, Center for Resiliency
To narrow this gap, my recent study proposes a novel framework integrating process safety and cybersecurity into LOPA. It is demonstrated on a High-Density Polyethylene (HDPE) slurry process, with the centrifuge node as a case study. The case highlights a structural gap in traditional risk assessment methodologies, which were not designed to address process deviations introduced by a cyber-attack or threat. The framework rests on three foundational constructs: the Purdue Enterprise Reference Architecture (PERA) as the structural model for system decomposition; the Common Vulnerability Scoring System v4.0 (CVSS v4.0) as the quantitative severity metric for cyber vulnerabilities; and the Kill Chain as the behavioural model for adversary progression.
The HDPE slurry process is a widely used polymerization process. The slurry centrifuge is a critical separation unit that receives polymer slurry from the reactor. The polymer slurry then requires effective solid-liquid separation via a decanter centrifuge prior to downstream drying and pelletization. Key operational dependencies include Variable Frequency Drive (VFD) speed control, vibration monitoring, feed flow regulation, DCS supervisory control, and alarm management systems.
In classical HAZOP and LOPA frameworks, initiating events are typically mechanical failures (seal leaks, overspeed, feed blockage, etc.) and human errors. However, in a modern ICS environment, initiating events are intentional and may originate, for example, from remote access exploitation, malware injection, sensor spoofing, or phishing attacks. These are not hypothetical scenarios. Historical incidents, such as Stuxnet, Colonial Pipeline, and TRITON, demonstrate that adversaries can deliberately target PLC logic and safety systems to induce physical consequences. The centrifuge provides an ideal resiliency test case because it contains both rotating mechanical energy hazards and flammable hydrocarbon exposure risk.
A Structured Integrated Resiliency Framework: Using the HDPE case study architecture, the study implements a structured integration methodology:
• Step 1: HAZOP: What can go wrong?
• Step 2: PERA: Where is the weakness?
• Step 3: Kill Chain: How can an attack happen?
• Step 4: CVSS: How bad is it?
• Step 5: LOPA: Are we protected? Incorporation of cyber IPLs, MEF tolerance.
• Step 6: Mitigation Planning: What should we do to fix it?
The Southeast Texas (SETX) region has many refineries and chemical plants that handle dangerous materials like flammable gases and toxic chemicals. Modern plants in SETX rely on DCS / PLC systems, remote monitoring, networked VFDs, etc. Past incidents like the West Fertilizer Company explosion show how small failures can escalate quickly and exhaust emergency response. Facilities in SETX must comply with OSHA, PSM, EPA, HSE and increasing cybersecurity guidance (e.g., NIST for ICS, IEC 61511 and ISA 62443). The SETX region is also prone to hurricanes, flooding (e.g., Harvey), and power disruptions. For example, in a combined risk scenario, storm conditions reduce visibility and control, creating a window where cyberattacks are harder to detect and more likely to cause physical damage. This work helps protect SETX’s critical petrochemical infrastructure by linking cyber threats directly to real process safety consequences.
Modern risk management must combine safety and cybersecurity and keep risk modelling up to date, so that resiliency considers real attacks, not just random equipment failures. Interconnected infrastructure, for example power, control systems, networks, and engineering workstations, can silently undermine IPL independence assumptions. Resiliency models should incorporate evolving vulnerabilities, patch cycles, and threat intelligence rather than relying on static historical data. Facilities should develop cyber-physical testbeds and be tested through realistic scenarios.
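An added illustration of Step 5 and of the IPL independence point above; it is not code or data from the study. The asset names, PFDs, frequencies and the two crediting rules are assumptions chosen to show how shared cyber assets change a LOPA result.

```python
from math import prod

# Constructed scenario: cyber-initiated centrifuge overspeed. All figures are
# illustrative assumptions, not values from the study.
IEF = 0.1             # initiating event frequency, per year
TOLERABLE_MEF = 1e-4  # tolerable mitigated event frequency, per year
IPLS = [  # "needs" = assets the layer relies on to act (hypothetical names)
    {"name": "DCS overspeed alarm + operator", "pfd": 0.1,
     "needs": {"control_network", "dcs"}},
    {"name": "Networked VFD speed limit", "pfd": 0.1,
     "needs": {"control_network", "vfd"}},
    {"name": "Vibration monitor trip", "pfd": 0.1,
     "needs": {"vib_monitor", "eng_workstation"}},
    {"name": "SIS overspeed trip", "pfd": 0.01,
     "needs": {"sis_logic_solver", "eng_workstation"}},
]

def mef(ief, ipls):
    """Classical LOPA: MEF = IEF x product of the credited IPLs' PFDs."""
    return ief * prod(i["pfd"] for i in ipls)

def independent_ipls(ipls, compromised):
    """Return the IPLs that may still be credited.

    Rule 1: a layer relying on an asset the attacker controls gets no credit.
    Rule 2: remaining layers that share any asset form one group, and only
    the strongest (lowest PFD) layer of each group is credited.
    """
    survivors = [i for i in ipls if not (i["needs"] & compromised)]
    groups = []
    for ipl in survivors:
        linked = [g for g in groups if any(ipl["needs"] & m["needs"] for m in g)]
        merged = [ipl] + [m for g in linked for m in g]
        groups = [g for g in groups if all(g is not l for l in linked)] + [merged]
    return [min(g, key=lambda m: m["pfd"]) for g in groups]

if __name__ == "__main__":
    naive = mef(IEF, IPLS)
    credited = independent_ipls(IPLS, compromised={"control_network"})
    aware = mef(IEF, credited)
    for label, value in (("all four IPLs credited", naive),
                         ("independent IPLs only", aware)):
        verdict = "meets" if value <= TOLERABLE_MEF else "exceeds"
        print(f"{label}: MEF = {value:.0e}/yr, {verdict} the tolerance")
```

With these assumed figures the same scenario passes when every layer is credited and fails once layers tied to the compromised network or to a shared engineering workstation lose their credit.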
Resiliency is no longer just redundancy. It is designing systems that remain safe even when adversaries are actively attempting to destabilize them. The petrochemical industry has historically evolved after catastrophic events such as Flixborough, Piper Alpha, and Bhopal. Today, the next class of industrial catastrophe may originate not from corrosion or overpressure but from a keyboard. If we continue to treat cybersecurity and process safety as parallel domains, resiliency will remain incomplete. The above case illustrates a path forward: integrating cyber exploit modelling, architectural mapping, and classical LOPA into a unified framework capable of addressing modern industrial threats. Resiliency in 2026 is not just about surviving failure. It is about surviving intent.