The Svilosa plant produces microcrystalline cellulose (MCC). This chemical has a wide range of applications in various industries, including food, pharmaceuticals, biotechnologies, cosmetics, chemical industry, and agriculture.

• Incident Details: A fire occurred at the Svilosa chemical plant in Svishtov, Bulgaria, around 11:00 local time during the loading and unloading of sodium chlorate.
• Injuries: Three people were injured, including two employees and a firefighter who suffered cuts to his face.
• Evacuation and Safety: All employees were promptly evacuated, and there was no evidence of continued air pollution after the fire was extinguished.
• Investigation: Operations at the plant have been halted, and an investigation is underway to determine the cause of the incident.

Functional Safety Measures That Could Have Helped

1. Hazard and Risk Assessment (PHA/HAZOP)

• Early identification of process hazards and abnormal scenarios like thermal runaway or loss of cooling.
• Ensures proper safeguard layering with protection strategies tied to severity and likelihood.

2. Safety Instrumented Systems (SIS)

• Use of automated shutdown logic in response to critical conditions (e.g., high temperature, pressure, flame detection).
• Activation of interlocks to isolate chemical flows or depressurize vessels automatically.

3. Fire and Gas Detection Integration

• Real-time monitoring with flame, heat, and gas detectors feeding into the SIS or BPCS (Basic Process Control System).
• Immediate triggering of fire suppression systems and facility alarms.

4. Safety Integrity Level (SIL) Assessment

• Ensures systems are sufficiently reliable and appropriately fail-safe based on risk tolerance and consequence modeling.
• Prevents over- or under-designing protection loops.

5. Operator Alarm Management and Training

• Prevention of alarm flooding so critical warnings (like pre-fire temperature spikes or flammable vapor presence) aren’t missed.
• Simulation-based training ensures timely human response to trip conditions.

6. Asset Lifecycle Management

• Verification and validation of safety functions across commissioning, operation, and maintenance phases.
• Ensures proof testing and diagnostics are in place for ongoing risk control.

Lessons for Industrial Safety Programs

The fire is a sober reminder that functional safety is more than compliance—it’s resilience engineering. Embedding these measures systematically helps facilities detect, decide, and act before conditions spiral.

How Industrial Cybersecurity Could Help?

1. Prevent Malicious Manipulation of Safety Systems

• Ensures that attackers cannot disable or spoof sensors, interlocks, or alarms tied to SIS (Safety Instrumented Systems).
• Protects engineering workstations and control networks from ransomware or remote access tools that could delay shutdown responses.

2. Secure Remote Access & Engineering Tools

• Implements strict authentication and access control for remote users (vendors, integrators) who may unintentionally introduce vulnerabilities.
• Monitors changes to PLC logic, DCS configurations, and HMI interfaces to detect unsafe alterations.

3. Anomaly Detection for Safety-Relevant Signals

• Uses ICS intrusion detection systems (IDS) to detect abnormal patterns—like a valve command sent at the wrong time or conflicting actuator states.
• Early warning of potential cyber-physical coordination failures.

4. System Hardening Against Exploitable Vulnerabilities

• Ensures unpatched HMIs, PLCs, or fire & gas systems don’t become backdoors for threat actors.
• Blocks malware like Sedexp (as discussed on WisePlant) that could stealthily sabotage real-time safety telemetry.

5. Cyber-Informed Hazard Analysis (CIHA)

• Incorporates cyber scenarios into PHA, HAZOP, and LOPA studies.
• Forces teams to consider what happens when a trusted signal is falsified or when operator workstations are compromised mid-emergency.

6. ISA/IEC-62443 Lifecycle Alignment

• Brings rigor to the secure design, implementation, operation, and decommissioning of systems that interact with flammables, toxic materials, or high pressures.

Functional Safety + Cybersecurity = Resilience

Together, functional safety addresses what must go right when systems fail, while cybersecurity ensures that no one maliciously forces a failure. In incidents like Svilosa’s, this dual approach could mean the difference between containment and catastrophe.

Source: Link