In May 2019, the IEC published a guide to combining cybersecurity and safety for industrial automation and control systems (IACS), IEC TR 63069. I consider critically two main concepts in the guide: an overly-strong notion of "Security Environment" (SE), and an accompanying incomplete type of security-risk analysis called "threat-risk assessment" [sic]. A simple example from experience illustrates the weaknesses.