DOI: 10.3303/CET2291003 Paper Received: 17 December 2021; Revised: 11 April 2022; Accepted: 21 May 2022 Please cite this article as: Yuan S., Reniers G., Yang M., 2022, The Necessity of Integrating Safety and Security Barriers in the Chemical Process Industries and Its Potential Framework, Chemical Engineering Transactions, 91, 13-18 DOI:10.3303/CET2291003 CHEMICAL ENGINEERING TRANSACTIONS VOL. 91, 2022 A publication of The Italian Association of Chemical Engineering Online at www.cetjournal.it Guest Editors: Valerio Cozzani, Bruno Fabiano, Genserik Reniers Copyright © 2022, AIDIC Servizi S.r.l. ISBN 978-88-95608-89-1; ISSN 2283-9216 The Necessity of Integrating Safety and Security Barriers in the Chemical Process Industries and its Potential Framework Shuaiqi Yuan, Genserik Reniers*, Ming Yang Safety and Security Science Section, Faculty of Technology, Policy and Management, TU Delft, Delft, The Netherlands G.L.L.M.E.Reniers@tudelft.nl Safety and security barriers are implemented in various forms to protect chemical plants from undesired accidents and mitigate the disastrous consequences. However, the necessity and rationality of integrating safety and security barriers need to be investigated, and the difficulty in integrated management of safety and security barriers is still a challenge. In this study, the research status of integrated safety and security barrier management are reviewed before the necessity, and theoretical ground for integrating security and safety barriers are elaborated. Then, a unified classification of safety and security barriers is proposed to benefit the collection of performance indicator-related data and further support the performance assessment of safety and security barriers. Finally, a framework for integrated management of safety and security barriers is suggested to support the integrated management of safety and security barriers. 1. Introduction Accidental and intentional undesired events threaten the chemical process industries due to the damages to humans, assets, and the environment that may be caused if such events happened. As critical infrastructures, the investigation of security issues in the chemical process industries was promoted, especially after 9/11 in America. The intentional attacks and thefts in the chemical and process industry could lead to severe physical and economic damage. They can induce a series of industrial accidents, such as domino accidents, considered the most catastrophic scenarios (Reniers et al., 2008). Because of the correlation and dependency between safety-related events and security-related events, some studies on the integrated safety and security risk analysis have been conducted by researchers. For instance, the necessity of involving risks caused by intentional threats into the traditional risk assessment and developing a unified framework for safety and security analysis were discussed (Aven, 2007). The inter-dependencies of safety and security issues in the critical systems were investigated by using the Boolean logic Driven Markov Processes (BDMP) method (Piètre- Cambacédès & Bouissou, 2010). The dependency of intentional acts and accidental failures was considered to obtain the integrated risks by integrating attack trees (ATs) and fault tree (FT) (Fovino et al., 2009). Abdo et al. (2018) combined bow-tie analysis and attack tree analysis for risk analysis of industrial control systems considering both safety and security risks. The integrated risks of accidental and intentional events were studied concerning the interaction between safety and security measures to obtain the real risks faced by the process industry (Song et al., 2019a). An integrated approach was proposed to dynamically assess the abnormal events caused by accidental or intentional accidents concerning safety and security factors (Song et al., 2019b). Recently, two novel safety and security co-analysis methods, an extension of the System-Theoretic Process Analysis (STPA-Extension) and the Uncontrolled Flows of Information and Energy (UFoI-E) were compared (Guzman et al., 2021a). To tackle safety and security risks, safety and security barriers can be implemented to prevent undesired events and/or mitigate the corresponding consequences. Thus, the integrated management of safety and security barriers becomes important with respect to safety and security co-analysis. Previous studies related to safety and security barrier management mainly focused on the optimization or optimal allocation of barriers. For examples, Reniers et al. (2008) proposed a user-friendly decision-support tool integrating safety and security to prevent domino effects in chemical clusters. A consequence-based method was established to optimize the allocation of safety and security resources in the chemical industrial parks with respect to intentional attacks, in 13 which the security measures and safety barriers were integrated into a dynamic vulnerability assessment graph (DVAG) model for vulnerability assessment of installations (Chen et al., 2019). The net present value of benefits (NPVB) and “PROTOPT” optimization algorithm were employed in the cost-benefit analysis to determine the most profitable protection strategy with the combination of safety and security measures (Chen et al., 2020). Although previous studies stressed the importance of safety and security risk co-analysis, the theoretical ground for integrating safety and security barriers has not been elaborated. A unified framework for integrated management of safety and security barriers has not been proposed from a system perspective. In order to facilitate barrier management, the necessity for integrating security and safety barriers is elaborated in this paper, and novel classification of safety and security barriers is proposed to benefit assessment and integrated management of safety and security barriers. Finally, a framework for integrated management of safety and security barriers is suggested from a system perspective. 2. The necessity of integrating safety and security barriers Process facilities are inevitably exposed to accidental and intentional risks. Security management should be regarded as an indispensable component of the process risk management. Safety and security barriers are implemented in various forms (technical and non-technical) to protect chemical plants from undesired damages. There is some difference between safety-related events and security-related events, for instance, intentional and malevolent acts can be more difficult to prevent since intelligent adversaries can change their strategies according to the protection measures. The goal of implementing both safety and security barriers is the same: prevent loss and reduce risks. Previous studies related to safety and security co-analysis have already laid a foundation for integrated safety and security barrier management. Moreover, practices in the field also indicate that integrated safety and security barrier management is a new trend. This paper concludes the reasons for integrating safety and security barriers as follows: ⚫ Events caused by intentional and malevolent acts can induce catastrophic accidents, and security-related factors may influence accidental factors as well and vice versa (Song et al., 2019b). Therefore, it is recommended to conduct a risk analysis to consider both safety and security risks, and the obtained integrated risks can be regarded as the “real risks”. Because the implementation and performance of both safety and security barriers have a considerable influence on calculating the “real risks”, it is necessary to integrate safety and security barriers during the risk assessment process. ⚫ In terms of research methods, security-related research can learn a lot from the theories and models that have been adapted in safety science. It is possible to develop a method to deal with safety and security risks because many similarities exist in safety and security problems. However, the risks can be diverse in different scenarios. ⚫ Considering the economic issues related to barrier management, the investment in safety/security barrier implementation, operation, inspection, maintenance all have economic limitations. Because the common goal of safety and security barriers is to prevent loss or reduce risks and there are some correlations and dependency between safety and security issues, the management concerning only safety barriers or security barriers can be almost impossible to obtain the most efficient and economical investment. Therefore, the integrated safety and security barrier management and investment can be more reasonable, effective, and economical with the help of safety and security barrier co-analysis and integrated investment. 3. Classification of safety and security barriers To achieve the integrated management of safety and security barriers, it is necessary to have a unified classification of safety and security barriers and support the unified optimization and management of safety and security barriers. A classification method for safety barriers was proposed to facilitate the indicator assignment and indicator-related data collection concerning the performance assessment of safety barriers (Yuan et al., 2022). Safety barriers are classified into technical, non-technical observable, and non-technical non-observable, considering the relationship between safety barriers and safety indicators, as shown in Figure 1. According to this classification, non-technical indicators associated with human perception, awareness, cognition, and psychology can be called non-observable indicators because they are impossible to observe or measure directly. Using this classification, different types of indicators and evaluation methods can be assigned to various safety and security barriers concerning the technical features of the barriers. 14 Figure 1: Classification of safety barriers adapted from (Yuan et al., 2022) According to the study in Garcia (2007), the functions of the physical protection systems (PPS) was divided into detection, delay, and response, which means the primary functions of a PPS are detection of an adversary, delay of that adversary, and response by security personnel (guard force). In the concept of PPS, various elements such as fences, sensors, communication devices, security personnel, and so on can be involved to achieve the protection objectives. The classification of PPS was widely used in the studies related to physical security barriers assessment and management (Chen et al., 2020) and the analysis of cyber-physical harm scenarios (Guzman et al., 2021b). In this study, we proposed combining the features of the safety and security barriers to achieve a unified classification of safety and security barriers using two-dimensional classification criteria. Both the indicator assignment and the functions of PPS were concerned. Additionally, this classification can be applied to both scenarios-specific barriers and management delivery systems. The proposed classification divided the safety and security barriers into nine categories with nine marks, as shown in Figure 2. We also provide an example to illustrate the proposed classification in case of oil storage tank damage that happened because of an external fire or an intentional attack. An illustrative scenario was presented by a bow- tie model with the pre-event scenario, as shown in Figure 3. Accordingly. the safety and security barriers used in this scenario were listed in Table 1, in which the classification marks of Figure 2 were assigned as well. As illustrated in Figure 3 and Table 1, twelve safety and security barriers can be employed to prevent the oil storage tank damage caused by an external fire or an intentional attack. The twelve safety and security barriers can be categorized according to the proposed classification method in Figure 2. Considering the activation phases (detection-delay-response), the safety and security barriers can be placed orderly in the evolution process of the accident scenario. According to this classification, different types of indicators and evaluation methods can be assigned to various safety and security barriers concerning the technical features of the safety and security barriers. Therefore, the proposed classification method is practical to integrate safety and security barriers, which can support the indicator assignment, inspection, assessment, and management of safety and security barriers in the chemical process industries. Figure 2: A unified classification of safety and security barriers in the chemical process industries by using two-dimensional classification criteria 15 Table 1: Safety and security barriers used in the prevention of oil tank damage Number Safety and security barriers Classification marks 1 Camera monitoring A1 2 Sensor monitoring A1 3 Security inspection B1 4 Fence A2 5 Water deluge system A2 6 Fireproofing material. A2 7 Emergency team B3 8 Warning alarm A1 9 Guard force B3 10 Training emergency team C3 11 Training guard force C3 12 Promoting interaction between technical monitoring and security inspection C1 Figure 3: Safety and security barriers used in the prevention of oil tank damage illustrated on the left side of a bow-tie 4. A framework for integrated management of safety and security barriers Although the optimization and optimal allocation of barriers were primarily discussed by previous studies and the cost-effectiveness analysis or cost-benefit analysis were employed to optimize barriers under budget limitations, the reasonable procedures for integrated management of safety and security barriers have been rarely investigated. The integrated management of safety and security barriers should follow a systematic process. Several issues need to be addressed concerning the integrated management of safety and security barriers. For instance, before developing an integrated framework for safety and security barrier management, the similarity and diffidence between safety and security barriers in terms of accident prevention and mitigation should be identified. The dependency and interactions between safety and security barriers that may affect their individual and integrated performance should be investigated based on quantitative risk assessment (QRA) or semi-quantitative risk assessment. Finally, by employing the risk-based approach and considering the failure probabilities of barriers, risk-based management of safety and security barriers can be simulated. This paper proposed a framework for managing safety and security barriers from a systemic perspective, as shown in Figure 4. 16 Figure 4: A framework for integrated management of safety and security barriers We divided the integrated management of safety and security barriers into three phases: i) barrier identification & data collection, ii) performance assessment & management, and iii) decision-making. The first phase, which is the preparation phase for the performance assessment of barriers, aims to identify barriers and collect useful data. The identification of integrated safety and security barriers can be achieved by employing bow-tie analysis with the consideration of both safety and security scenarios. The second phase handles the performance assessment of barriers and the safety indicator-based management of barriers. Firstly, the dependency and interactions between safety and security barriers should be investigated. Then, the performance assessment of barriers and MDS (management delivery systems) can be conducted based on safety indicators. Further, the indicator-based assessment of barriers helps barrier management. Finally, risk assessment approaches involving barrier modeling considering the failure probabilities of safety-critical barriers will be developed before the risk-based performance assessment of barriers can be achieved. The performance of barriers can be reflected by how many risks can be reduced by the implementation of such barriers. The final phase deals with decision-making on barrier management. The limitations such as budget limitations and technical constraints that will influence the decision-making on barrier management should be determined. Then, the cost-benefit analysis or cost-effectiveness analysis can be conducted with the combination of optimization algorithms to support decision-making on the allocation and optimization of barriers. Finally, the information and data related to barriers should be updated, and a new circle for barrier management can start. 5. Conclusions In this paper, the necessity for integrating safety and security barriers in the chemical process industries was discussed, and three main reasons were identified. A unified classification of safety and security barriers was proposed by using two-dimensional classification criteria considering technical features and functions of barriers. An illustrative example was used to show the feasibility of the proposed barrier classification method concerning an oil storage tank damage induced by an external fire or an intentional attack. A framework for integrated management of safety and security barriers is suggested from a systemic perspective. The comprehensive safety and security barrier management procedures were considered in this framework. Future studies should focus on the application and implementation of the proposed framework for integrated management of safety and security barriers. New approaches need to be developed to tackle the difficulties in integrating safety and security barriers in the chemical process industries. The operation of a barrier may cause some interventions to other barriers. How to consider and assess the dependency and interactions between safety and security barriers within the QRA framework and further make decisions on barriers management to minimize systemic risks need to be addressed. Meanwhile, the combination of quantitative/semi-quantitative barrier assessment and operational safety economics approaches has the potential to determine the most economical barrier investment strategy and support decision-making on barrier design, allocation, inspection, and maintenance. Acknowledgments This work is supported by the China Scholarship Council (Grant No: 202006430007). 17 References Abdo H., Kaouk M., Flaus J. M., Masse F., 2018, A safety/security risk analysis approach of Industrial Control Systems: A cyber bowtie–combining new version of attack tree with bowtie analysis, Computers & security, 72, 175-195. Aven T., 2007, A unified framework for risk and vulnerability analysis covering both safety and security, Reliability Engineering & System Safety, 92(6), 745-754. doi:10.1016/j.ress.2006.03.008. Chen C., Reniers G., Khakzad N., 2019, Integrating safety and security resources to protect chemical industrial parks from man-made domino effects: A dynamic graph approach, Reliability Engineering & System Safety, 191, 106470. Chen C., Reniers G., Khakzad N., Protection E., 2020, Cost-benefit management of intentional domino effects in chemical industrial areas, Process Safety and Environmental Protection, 134, 392-405. Fovino I. N., Masera M., De Cian A., 2009, Integrating cyber attacks within fault trees, Reliability Engineering & System Safety, 94(9), 1394-1402. Garcia M. L., 2007, Design and evaluation of physical protection systems, Elsevier. Guzman N. H. C., Zhang J., Xie J., Glomsrud J. A., 2021a, A Comparative Study of STPA-Extension and the UFoI-E Method for Safety and Security Co-analysis, Reliability Engineering & System Safety, 211, 107633. Guzman N. H. C., Kozine I., Lundteigen M. A., 2021b, An integrated safety and security analysis for cyber- physical harm scenarios, Safety Science, 144, 105458. Piètre-Cambacédès L., Bouissou M., 2010, Modeling safety and security interdependencies with BDMP (Boolean logic Driven Markov Processes), Paper presented at the 2010 IEEE International Conference on Systems, Man and Cybernetics. Reniers G. L., Dullaert W., Audenaert A., Ale B. J., Soudan K., 2008, Managing domino effect-related security of industrial areas, Journal of Loss Prevention in the Process Industries, 21(3), 336-343. Song G., Khan F., Yang M., 2019a, Integrated risk management of hazardous processing facilities, Process Safety Progress, 38(1), 42-51. Song G., Khan F., Yang M., 2019b, Probabilistic assessment of integrated safety and security related abnormal events: a case of chemical plants, Safety Science, 113, 115-125. Yuan S., Yang M., Reniers G., Chen C., Wu J., 2022, Safety barriers in the chemical process industries: A state- of-the-art review on their classification, assessment, and management, Safety Science, 148, 105647. 18 8yuan.pdf The Necessity of Integrating Safety and Security Barriers in the Chemical Process Industries and its Potential Framework