Isa-tr84.00.09 Jun 2026

In the world of industrial control systems (ICS), two documents get all the glory. There’s , the sprawling, multi-part behemoth that serves as the constitution for industrial cybersecurity. And then there’s ISA-84 (IEC 61511) , the bible of functional safety (SIS/SIL). They sit on opposite ends of the engineering bookshelf, rarely speaking to one another.

Most people skim the report and remember a single table—Table 4—which maps cybersecurity countermeasures (firewalls, whitelisting, access control) to safety lifecycle phases. Boring? Maybe. But that table gave birth to an entire workflow that is still cutting-edge today: isa-tr84.00.09

ISA-TR84.00.09 didn’t just predict the collision of safety and security. It gave us the tools to survive it. The only question is whether we’ll use them before the next TRITON finds its target. In the world of industrial control systems (ICS),

Unlike a traditional PHA, the CRA focuses on threat agents (hackers, disgruntled employees, malware) and attack vectors (USB drives, engineering workstations, network connections). They sit on opposite ends of the engineering

Addresses physical access issues related to the cybersecurity of the Industrial Automation and Control System (IACS). GlobalSpec Target Audience Asset Owners: To help secure critical safety assets. Operational Technology (OT) Personnel:

Focuses on mitigating random hardware failures and systematic design errors to prevent unsafe scenarios.