Sector-Specific

OT Security for Chemical Manufacturing: Protecting Process Safety from Cyber Threats

July 9, 202611 min readBy Beacon Security Team

Where Cybersecurity Meets Process Safety

Chemical manufacturing occupies a distinctive place in the world of OT security, because in a chemical plant the stakes of losing control are among the highest anywhere in industry. These facilities manage reactions and processes involving heat, pressure, and hazardous materials, and the systems that control them are also, in part, the systems that keep them safe. When cybersecurity and process safety overlap this closely, they can no longer be treated as separate disciplines.

This is the defining characteristic of chemical sector OT security: a cyber incident is potentially a safety incident. An attacker who manipulates a process, disables a protection, or blinds an operator is not merely causing downtime or stealing data. They are interfering with the systems that stand between a controlled process and a release, a fire, or an explosion. That reality shapes every aspect of how these environments must be secured.

Understanding the sector's specific systems, threats, and standards is the foundation of protecting it.

The Chemical Sector Threat Landscape

Chemical and petrochemical facilities are attractive targets for a range of adversaries, and the sector has featured in some of the most significant events in OT security history. The 2017 TRITON attack, which targeted a safety instrumented system at a petrochemical facility, remains the clearest demonstration of an adversary deliberately going after the safety layer itself, with the apparent aim of enabling a physical incident. It stands as a permanent reminder that the systems designed to prevent catastrophe are themselves targets.

Beyond that landmark case, chemical facilities face the same spectrum of threats as other critical industries: ransomware capable of disrupting production, nation-state interest in strategically important infrastructure, and supply chain and vendor risk arising from the heavy involvement of equipment vendors in these complex environments. What sets the chemical sector apart is not the range of threats but the severity of what can go wrong if they succeed.

The Critical Systems: DCS and SIS

Two categories of system sit at the heart of chemical plant control and safety, and understanding the distinction between them is essential.

The distributed control system (DCS) runs the process day to day. It coordinates the many instruments and control loops that keep a chemical process operating within its intended parameters, and it is the primary system through which operators monitor and adjust the process. Protecting the DCS from unauthorized change is fundamental, because manipulation of the process control layer can push a process toward unsafe conditions.

The safety instrumented system (SIS) is an independent protection layer whose sole purpose is to bring the process to a safe state if it moves toward a dangerous condition, for example by initiating an emergency shutdown. The SIS is deliberately separate from the DCS so that it can act as an independent safeguard. Its integrity and availability are paramount, because it is the automated last line of defense. This is precisely the layer that TRITON targeted, and its protection is the single most important security objective in a chemical facility.

Security implication: The DCS and the SIS require distinct and rigorous protection, and the independence of the safety layer must be preserved. A design in which a compromise of the control system could also affect the safety system removes exactly the separation that makes the safety layer trustworthy.

The Regulatory and Standards Landscape

Chemical facilities operate within a framework of standards and regulations that increasingly address the intersection of cyber and safety.

IEC 61511 is the functional safety standard for the process industries, governing safety instrumented systems. It has come to recognize that cybersecurity is integral to functional safety, since a safety system that can be compromised cannot be relied upon to perform its safety function. Cybersecurity for the SIS is therefore not separate from safety; it is part of assuring it.

IEC 62443 provides the overarching framework for industrial cybersecurity, and its concepts of zones, conduits, and security levels apply directly to the segmentation and protection of chemical plant control and safety systems.

Regulatory approaches to chemical facility security vary by region and continue to evolve. In some jurisdictions, dedicated chemical security programs have governed the sector, though the specifics of these programs, including their scope and current status, differ and change over time. In other regions, broader critical infrastructure and OT cybersecurity regulations increasingly apply to chemical operators. The prudent approach is to build security around recognized international standards, which positions a facility well regardless of how specific regional requirements develop.

Securing Chemical Manufacturing OT

Protecting a chemical facility combines the general principles of OT security with particular emphasis on the safety-critical nature of the environment.

Protect and verify the safety system. Ensure the SIS is properly isolated from the control system and the broader network, and verify that isolation rather than assuming it. Control access to safety system engineering tools tightly, since those tools are what an attacker would need to alter safety logic.

Segment by consequence. Use IEC 62443 zones and conduits to separate the safety systems, the control systems, and general-purpose systems, giving the SIS the highest level of protection. Segmentation contains the impact of any compromise and preserves the independence of the safety layer.

Govern vendor and remote access. The heavy vendor involvement in chemical plant control and safety systems creates a significant access footprint. Strong authentication, least privilege, and session monitoring for this access are essential.

Integrate cybersecurity with process safety management. Treat cyber risk to the process as part of the existing process safety framework, so that the two disciplines reinforce each other rather than operating in isolation.

Establish visibility and monitoring. Maintain a complete asset inventory and monitor the control and safety networks, so that anomalous activity, particularly anything touching the safety systems, is detected.

Defensive implication: In chemical manufacturing, the protection of the safety instrumented system is the highest priority. Every other control supports the overriding goal of ensuring that the automated safeguards against catastrophe cannot be undermined.

Common Findings

From Beacon Security's assessment work in the process industries, the recurring issues include:

  • Insufficient isolation of safety systems, where the independence of the SIS is not fully assured.
  • Uncontrolled access to engineering tools for control and safety systems.
  • Weak segmentation between control, safety, and general-purpose networks.
  • Extensive, under-governed vendor access to critical systems.
  • Cybersecurity and process safety managed separately, missing the connection between the two.

Getting Started

Assess the safety systems first. Verify the isolation and integrity of the SIS, since it is the most consequential system in the facility.

Map and segment the environment. Group and separate systems according to consequence, prioritizing the isolation of the safety layer.

Bring vendor access under control. In these environments, its scale and criticality make it an early priority.

Connect cyber and safety governance. Ensure that cyber risk to the process is considered within the existing process safety framework.

Chemical manufacturing is where the physical stakes of OT security are at their highest, and where the link between cybersecurity and safety is most direct. Protecting these facilities means recognizing that securing the process and keeping it safe are, increasingly, the same task. Operators who build their security around that understanding, with the protection of the safety layer at its center, safeguard not only their production but the people and communities around them.


Beacon Security helps chemical and process manufacturers secure DCS and safety instrumented systems, verify safety-layer isolation, and align OT cybersecurity with process safety, based on IEC 62443 and IEC 61511. Contact us to discuss protecting your process.

Industrial infrastructure
OT Cybersecurity Experts

Your OT Environment Deserves
Expert Protection

IT security tools were not built for Modbus, OPC, or safety-rated controllers. Get a dedicated OT cybersecurity team that understands industrial protocols, control system architecture, and the operational constraints of your environment.

IEC/ISA 62443 Aligned
NIST 800-82 Compliant
OTCC Ready
ECC Aligned
Zero Operational Disruption