Cyber HAZOP Analysis

COURSE 3 – Training in english

Course Summary

  • The course is based on examples and real practical exercises on cybersecurity risk assessment methodologies (Cyber-HAZOP, Cyber-LOPA).
  • Based on HAZOP-LOPA analysis, cyber-risk analysis is developed following a similar methodology Cyber HAZOP-LOPA.
  • An Excel-based tool is used to complete the examples and exercises in the course.
  • The methodologies explained are based on the ISA Technical Report TR84.00.09-2017 and the Standards IEC62443 and IEC61511 / 61508.

Clause 11.2.12 of IEC 61511:2016:


“The design of the SIS shall be such that it provides the necessary resilience against the identified security risks (see 8.2.4).
Note: Guidance related to SIS security is provided in ISA TR84.00.09, ISO/IEC 27001:2013 and IEC 62443-2-1:2010”.

Online Course (FS3E-WI)

  • Course in English for 1 participant.
  • 45 days of free access to the virtual classroom with the contents (PDF, Excel Tool, 6 Videos with explanations spoken in English with optional subtitles in English).
  • License of 1 year of Risk Analysis Excel Tool is included.
  • The duration of the course is between 5 and 8 hours depending on previous knowledge.
  • Course price: 540 €. This course can be started immediately.
  • BUY

Download PDF flyer of the course

Online Course (FS3E-3)

  • Virtual instructor-led training (VILT) for a maximum of 10 participants.
  • The duration of the course is 8 hours, distributed in 3 online sessions with MS-Teams (2.5h+3h+2.5h.).
  • This course is only for companies with at least 4 participants. For more information contact us at info@safetyandsis.com

Optional exam for “CyberHAZOP Engineer” certification (240 €). For more information contact info@safetyandsis.com

Summary of course contents:

Module 1: Risk Concepts

  • How risk is quantified.
  • Examples in “safety” and “security”.
  • Risk Gap, Tolerable Risk, Layers of protection.
  • The Risk Matrix for safety.
  • The Risk Matrix for cybersecurity.

Module 2: IEC62443 vs IEC61511

  • Similarities in life cycle.
  • Concepts: SIF, SIL, SIS, SL.
  • IEC62443: High-level assessment, detailed assessment, Zones and Conduits.
  • Vulnerabilities: Assessment, public databases, examples, etc.
  • Threats: Sources, attack vectors, etc.

Module 3: Methodologies

  • Explanation of the Excel tool of the course.
  • Basic example of HAZOP and LOPA (for non-HAZOP experts).
  • Cybersecurity Risk Assessment: Methodologies proposed in ISA TR84.00.09, consequence-driven method (SPR), assessment with probability, advantages and limitations of each method, examples with Excel Tool.

Module 4: Practical examples

  • Explanation of the case study (industrial process).
  • Result of HAZOP/LOPA with Excel Tool.
  • High level Cyber HAZOP: a)Advantages of SPR method; b)Use of cyber-attack likelihood; c)Calculation of required SL; d)Non-hackable layers; e)How to calculate cyber-attack likelihood; f)Results with Excel Tool.
  • Cyber LOPA: Calculation of CRRF and required SL and other considerations. Results with Excel Tool.

Module 5: Practical Exercise

  • Explanation of the 3 case studies.
  • Excel Tool with CyberHAZOP-CyberLOPA unsolved cases.
  • Excel Tool with CyberHAZOP-CyberLOPA solved cases.

Module 6: Verification of the SL

  • IEC 62443 requirements (foundational and system requirements).
  • Example of a detailed Cyber Risk Assessment.
  • Examples of Security Level Verification with Excel Tool.

Who is the course for?

The course is especially aimed at HAZOP-LOPA technicians in the process industry due to the need to incorporate the cybersecurity assessment required in IEC 61511 (clauses 8.2.4 and 11.2.12). No knowledge of cybersecurity is required. The course is also of interest to cybersecurity technicians from the IT world who will be involved in cybersecurity risk assessment in the OT world.

Course documentation

  • PDF files of the contents.
  • Excel tool for HAZOP-LOPA- Cyber-HAZOP/LOPA (1 year license) (read more).
  • Course certificate after final Test.