Measure type: Control System


Risks can be reduced if a threat is recognized and indicated in early stage before the consequence really occurs (or before the consequences aggravate). Therefore control systems can help to reduce the risk of unmentioned incidents by warning the operating staff early enough to take action to prevent hazardous incidents from happening or aggravating. Examples for control systems are pressure sensors in pipes or alarm systems at water treatment sites. Generally control systems consist of three main parts: the sensor, the evaluation of the measured data and the subsequent action. Control systems may work with physical/chemical sensors or human observations (inspections) to detect abnormal states of the supply system. The assessment of the observation may be done automatically by the control system or by human activity and will result in the decision, if further action is necessary or not. The action can be carried out automatically by the control system or by human activity. Control systems may be used as a RRM against cyber, physical and cyber-physical threats. For cyber threats special software may be used as control system to prevent cyber-attacks. Control systems in the field of cyber threats might for example be firewalls inspecting ingoing and outgoing data for viruses, Trojans or similar. However, it can be difficult to distinguish between control systems and barriers sometimes. For example, firewalls can be seen as barriers if they directly refuse access of malware to data as well as they can also be seen as control systems if they just warn the user and only act depending on the user’s anticipation.