What are the functional safety and cyber security regulations and standards?
The regulatory basis derives from the following texts:
- Directive 96/82 Seveso II,
- Order of 29 September 2005,
- Circular of 10 May 2010,
- Directive 93/43 Hygiene,
- Directive 06/42 Machines of 17/05/2006,
- Directives 89/655 EPI + 89 / 391 safety and health of workers,
- Instruction 6600 / SGDN / PSE / PPS of 26 September 2008,
- List of vital operators by decree (2006 and 2008),
- Transmission of self-monitored data (decree of 22/06/2007)
This regulatory basis directly or indirectly leads to a number of constraints, the main ones being:
- Obligation to identify risks and classify them according to their probability and consequences in a 5-level scale directly corresponding to the approach of the standards which are cited in the circular of 10 May 2010
of the Ministry of the Environment, but not mandatory . This makes the application of IEC61508 and IEC61511 virtually unavoidable.
- Draw up the terms of the risk assessment.
- Implement risk control measures whose effectiveness is directly defined by the classification of the risk under consideration.
- Document the risk control process.
The applicable comprehensive standard-setting framework is broad but may be restricted to standards directly related to two aspects of safety:
- IT security Operational safety:
- functional safety - instrumented safety systems