• Skip to main content
  • Skip to header right navigation
  • Skip to site footer
Athens Group Logo

Athens Group Services

Rig Inspection

  • Home
  • Services
    • Reactivation, Commissioning, and Upgrade
    • Marine Services
    • Rig Inspection & Acceptance
    • Well Control Equipment
    • Cybersecurity
      • TMECA®
    • Risk Management
  • About Us
    • About Us
    • Our Mission & Core Business Principles
    • Athens Group Services Advantage
    • Surveyor Competency Assurance
    • Integrated Knowledge Management
    • Covid-19 Policy
    • Workplace
    • CyberSecurity Policy
  • News & Resources
    • Projects
    • Newsletters
    • Oil Field Digitalization
  • Contact
Rig Inspections

CyberSecurity: Use the Tools You Have – HAZOP

March 7, 2019
LnRiLWZpZWxke21hcmdpbi1ib3R0b206MC43NmVtfS50Yi1maWVsZC0tbGVmdHt0ZXh0LWFsaWduOmxlZnR9LnRiLWZpZWxkLS1jZW50ZXJ7dGV4dC1hbGlnbjpjZW50ZXJ9LnRiLWZpZWxkLS1yaWdodHt0ZXh0LWFsaWduOnJpZ2h0fS50Yi1maWVsZF9fc2t5cGVfcHJldmlld3twYWRkaW5nOjEwcHggMjBweDtib3JkZXItcmFkaXVzOjNweDtjb2xvcjojZmZmO2JhY2tncm91bmQ6IzAwYWZlZTtkaXNwbGF5OmlubGluZS1ibG9ja311bC5nbGlkZV9fc2xpZGVze21hcmdpbjowfQ==
IEBtZWRpYSBvbmx5IHNjcmVlbiBhbmQgKG1heC13aWR0aDogNzgxcHgpIHsgICB9IEBtZWRpYSBvbmx5IHNjcmVlbiBhbmQgKG1heC13aWR0aDogNTk5cHgpIHsgICB9IA==

In our last post, we looked at three tools you may already use to help provide a safely functioning system at the front end – HAZOP, HAZID, and FMECA – and recommended their use for CyberSecurity. In this post, we’ll take a look at how to use HAZOPs to address CyberSecurity.

First, here is an overview of the HAZOP methodology:

Here is our recommended approach to addressing CyberSecurity within each phase of the HAZOP:

  1. In the Definition Phase:
    1. Within Scope and Objectives define:
      1. System Network Topology including all access points
      2. External Users including contractor access, application access, classes of users
      3. Internal Users including application access, classes of users
    2. Within Responsibilities define:
      1. Access policies
      2. User responsibilities
      3. Management of Change Policy
    3. Within the Team include at least one CyberSecurity subject matter expert (SME)
  2. In the Preparation Phase include:
    1. Within the Plan include keywords related to CyberSecurity; e.g. “more secure”, “less secure”, “access”
    2. Within Data Collection include:
      1. Formats for operational access logs
      2. Current activity logs for existing or “as like” assets
      3. Typical network traffic
    3. Within Estimate the Time include at a minimum 4 hours focused on CyberSecurity
  3. In the Examination Phase include:
    1. For each system part defined, ensure the design intent includes CyberSecurity
    2. For the remainder of the HAZOP follow each of the Examination Phase activities
    3. “Identify possible remedial/mitigating measures” is NOT optional. It is essential that CyberSecurity measures are identified and included during the design phase of any project.
  4. In the Documentation and Follow-Up Phase include:
    1. Ensure there are specific CyberSecurity actions
    2. Record and monitor any CyberSecurity action items and risks identified in the HAZOP

That’s it for recognizing CyberSecurity in your HAZOP. Next, we’ll look at putting CyberSecurity into your HAZID.

Read the blog entries on our website – www.athensgroupservices.com, join our LinkedIn Group, and subscribe to our newsletter.

Category: Oil Field DigitalizationTag: Oil Field Digitalization Series
Previous Post:Rig InspectionsCyberSecurity: Use the Tools You Have
Next Post:CyberSecurity: Use the Tools You Have – HAZID
  • Home
  • Services
    • Reactivation, Commissioning, and Upgrade
    • Marine Services
    • Rig Inspection & Acceptance
    • Well Control Equipment
    • Cybersecurity
      • TMECA®
    • Risk Management
  • About Us
    • About Us
    • Our Mission & Core Business Principles
    • Athens Group Services Advantage
    • Surveyor Competency Assurance
    • Integrated Knowledge Management
    • Covid-19 Policy
    • Workplace
    • CyberSecurity Policy
  • News & Resources
    • Projects
    • Newsletters
    • Oil Field Digitalization
  • Contact

Contact


(858) 926-5504

Contact Us

Follow Us


Follow along on social media

  • Twitter
  • LinkedIn

Copyright © 2025 · Athens Group Services · All Rights Reserved

Return to top