Process control systems, like those used in chemical, petroleum, pharmaceutical, pulp and paper, or other manufacturing processes, typically include one or more process control devices such as controllers and input/output (I/O) servers that are communicatively coupled to at least one host including at least one operator workstation and to one or more field devices (e.g., device controllers, valves, valve actuators, valve positioners, switches, transmitters, temperature sensors, pressure sensors, flow rate sensors and chemical composition sensors or combinations thereof) to control physical processes or discrete manufacturing operations (e.g., opening or closing valves and measuring or inferring process parameters) in a physical plant such as oil refineries and automobile manufacturing facilities. A process control device receives signals indicative of process measurements made by the field devices and/or other information pertaining to the field devices, uses this information to implement a control routine, and generates control signals that are sent over the buses or other communication lines to the field devices to control the operation of the process control system.
Many process control systems incorporate security features to prevent unauthorized persons from changing control parameters, commanding devices, obtaining process control information, etc. to ensure the safe, secure operation of a process plant. Such security features are can be especially important in process control plants including a safety instrumented system (SIS), which may be required to perform a safe shut down of a main or primary process control system for certain process operations involving hazardous chemicals or any other material or process that could present a safety risk in the event the main or primary process control system fails or is otherwise compromised during operation. Traditionally, process control systems provided security for safety instrumented systems by using an independent and separate safety system, the use of which was typically authorized to a limited number of personnel. However, the increased costs and effort of operating and maintaining completely separate systems have led to the integration of safety systems within process control systems. Such integration of safety systems into process control systems introduces security concerns and requires additional security measures to prevent unauthorized changes to safety instrumented systems even when the process control system itself has been compromised.