8.1. Regulatory aspects 

What are the functional safety and cyber security regulations and standards?

The regulatory basis derives from the following texts:

  • Directive 96/82 Seveso II,
  • Order of 29 September 2005,
  • Circular of 10 May 2010,
  • Directive 93/43 Hygiene,
  • Directive 06/42 Machines of 17/05/2006,
  • Directives 89/655 EPI + 89 / 391 safety and health of workers,
  • Instruction 6600 / SGDN / PSE / PPS of 26 September 2008,
  • List of vital operators by decree (2006 and 2008),
  • Transmission of self-monitored data (decree of 22/06/2007)

This regulatory basis directly or indirectly leads to a number of constraints, the main ones being:

  • Obligation to identify risks and classify them according to their probability and consequences in a 5-level scale directly corresponding to the approach of the standards which are cited in the circular of 10 May 2010 of the Ministry of the Environment, but not mandatory . This makes the application of IEC61508 and IEC61511 virtually unavoidable.
  • Draw up the terms of the risk assessment.
  • Implement risk control measures whose effectiveness is directly defined by the classification of the risk under consideration.
  • Document the risk control process.

The applicable comprehensive standard-setting framework is broad but may be restricted to standards directly related to two aspects of safety:

  • IT security Operational safety:
  • functional safety - instrumented safety systems