What are the functional safety and cyber security regulations and standards?

The regulatory basis derives from the following texts:

• Directive 96/82 Seveso II,
• Order of 29 September 2005,
• Circular of 10 May 2010,
• Directive 93/43 Hygiene,
• Directive 06/42 Machines of 17/05/2006,
• Directives 89/655 EPI + 89 / 391 safety and health of workers,
• Instruction 6600 / SGDN / PSE / PPS of 26 September 2008,
• List of vital operators by decree (2006 and 2008),
• Transmission of self-monitored data (decree of 22/06/2007)

This regulatory basis directly or indirectly leads to a number of constraints, the main ones being:

• Obligation to identify risks and classify them according to their probability and consequences in a 5-level scale directly corresponding to the approach of the standards which are cited in the circular of 10 May 2010 of the Ministry of the Environment, but not mandatory . This makes the application of IEC61508 and IEC61511 virtually unavoidable.
• Draw up the terms of the risk assessment.
• Implement risk control measures whose effectiveness is directly defined by the classification of the risk under consideration.
• Document the risk control process.

The applicable comprehensive standard-setting framework is broad but may be restricted to standards directly related to two aspects of safety:

• IT security Operational safety:
• functional safety - instrumented safety systems