1,720,973 research outputs found
Analysis of system resilience in escalation scenarios involving LH2 bunkering operations
Full text linkIn the context of global energy transition and decarbonization efforts, resilience emerges as a critical factor in ensuring the reliability and adaptability of industrial infrastructure systems. This paper introduces a novel model rooted in Dynamic Bayesian Networks (DBNs) for the quantitative assessment of the resilience of engineered systems in the event of escalation scenarios triggered by domino effect. The model is integrated into a systematic, step-by-step procedure capable of evaluating the ability of complex systems to recover functionality from subsequent disruptions occurring at different times throughout the operational lifecycle. Leveraging DBNs, the methodology captures the dynamic interactions and feedback among subsystems or components, overcoming the limitations associated with conventional methods. The innovative methodology has been applied to a case study involving a liquid hydrogen (LH2) bunkering system, illustrating its effectiveness in assessing resilience amidst evolving accident scenarios. The results demonstrate the significant impact of escalation scenarios on system resilience and underscore the importance of proper implementation and management of safety measures and mitigation strategies. The proposed approach provides a valuable insight into system performance and empowers proactive risk management in the face of escalation scenarios, ensuring the continued operation and success of industrial operations in an uncertain and interconnected reality
Risk Identification for Cyber-Attacks to the Control System in Chemical and Process Plants
No full textCyber-attacks are becoming a growing concern for process facilities that highly rely on Operational Technology (OT) systems for the potential severity of the consequences on humans, assets, and the environment that can be generated. The study is based on the development of synergic tools aimed at filling the gap in the availability of specific approaches to support cyber risk identification phase required by Security Vulnerability/Risk Assessment methodologies and the cybersecurity risk assessment proposed by ISA/IEC 62443 series of standards on cybersecurity of Industrial Automation and Control Systems (IACS)
A Bow-Tie Approach for the Identification of Scenarios Induced by Physical Intentional Attacks to Chemical and Process Plants
Full text linkThe possibility of inducing major accident scenarios by physical intentional attacks (e.g. terrorist attacks) to chemical and process plants processing and storing hazardous substances, has been increasingly recognized in the last decades. The identification of the credible security scenarios (chain from attack scenarios to major accident scenarios) is required by Security Vulnerability/Risk Assessment (SVA/SRA) methodologies, but an evident lack of supporting tools is present in the literature. The present study proposes a Bow-Tie approach for the identification of reference security scenarios to support hazard identification phase in SVA/SRA. The potential use of the results is demonstrated on a test case (industrial atmospheric tank storing a flammable liquid)
Critical Cybersecurity Scenarios in Drinking Water Treatment Plants
No full textThe increasing interconnectivity with external networks and the higher reliance on digital systems make chemical and process industries, including waste and drinking water treatment plants, more vulnerable to cyberattacks. Historical evidence shows that these attacks have the potential to cause events with severe consequences on property, people, and the surrounding environment, posing a serious threat. While the risks deriving from the malicious manipulation of the Basic Process Control System (BPCS) and the Safety Instrumented System (SIS) in chemical and Oil&Gas facilities have been systematically analysed in the available literature, including previous works of the Authors, the analysis of the consequences of cyber-attacks to drinking water treatment plants has not been conducted to date. To fill this gap, in the present study the methodology POROS 2.0 (Process Operability Analysis of Remote manipulations through the cOntrol System) developed by the Authors was applied to a drinking water treatment plant, providing valuable insights on possible critical scenarios originated by cyber-attacks in these facilities
A Bayesian-network approach for assessing the probability of success of physical security attacks to offshore Oil&Gas facilities
Full text linkOffshore Oil&Gas facilities are attractive targets of intentional malicious attacks (security attacks) that may trigger cascading events (e.g., the release and dispersion of hazardous material and/or energy, fires, explosions) with consequences on people, environment, and assets. The severity of these consequences is potentially similar to those arising from major accident scenarios originated by conventional safety-related causes. Current practice in managing the risk of security attacks mostly relies on qualitative or semi-quantitative procedures developed over the years in the offshore Oil&Gas industry. In the present study, a systematic quantitative procedure is developed, based on a Bayesian Network (BN) approach, for calculating the probability of success of physical security attacks, taking into account both preventive and mitigative security intervention strategies. The procedure addresses the specific framework of the offshore Oil&Gas industry. A case study concerning an offshore fixed Oil&Gas platform allowed us to demonstrate the quality of the results that can be achieved and their potential towards the improvement of the security of the installations considered
Security Management of Offshore Oil&Gas Installations: the Italian Experience
Full text linkOffshore Oil&Gas installations face unique security challenges due to their remote and often vulnerable nature, as dramatically confirmed by the large number of past incidents occurred worldwide in the offshore sector. This paper delves into the security management of these installations, with the specific focus on the Italian context. It explores the strategies implemented by Italian authorities and industry stakeholders to address security challenges in the offshore sector, pointing out the regulatory framework and industry standards. Additionally, the paper discusses methodologies for conducting a security risk assessment in offshore Oil&Gas facilities and identifies best practices for the adoption of security measures to enhance security resilience in this sector. By leveraging the Italian experience, this paper aims at providing insights and practical recommendations regarding the security management of offshore operations
Vulnerability to Perforation from Shooting Attacks of Tanks Storing Hazardous Materials
Full text linkDue to the large quantities of hazardous materials stored and processed, chemical and process plants may be attractive targets for security attacks (e.g. terrorist attacks) that can severely impact workers, the population, the surrounding environment, and property. According to well established Security Vulnerability Assessment (SVA) and Security Risk Assessment (SRA) methodologies, the shooting threat to a chemical and process facility shall be investigated; however, the development of adequate damage models in case of shooting attacks using small/light weapons to industrial equipment units is still lacking. In the present study, an extended set of perforation models was retrieved from the literature and was validated against experimental data from perforation tests. The most reliable perforation models for soft core projectiles were selected and used to assess the vulnerability to perforation of atmospheric tanks storing hazardous materials for two reference projectiles enabling the identification of inherent safety threshold values for perforation thickness
Quantitative Evaluation of the Probability of Success of Deliberate Attacks in the Offshore Oil gas Industry
Full text linkDeliberate attacks (security attacks) pose a significant threat to offshore Oil&Gas critical infrastructures as they
have the potential of triggering major event scenarios with severe consequences on people, property, and the
surrounding environment. The standards API RP 70 and API RP 70I address security issues in the offshore
Oil&Gas sector, providing a semi-quantitative approach to evaluate the actual level of security risk. However,
as the credibility of security attacks grows, security risk assessments should be approached in a more
systematic and quantitative way to measure vulnerabilities and determine the level of protection available in the
site. In this context, the present study introduces a systematic quantitative procedure using Bayesian Network
(BN) to calculate the probability of success of physical attacks and the role of preventive and mitigative response
strategies. The procedure is applied to a case study allowing to show its potential for improving security in the
offshore Oil&Gas industry
Identification of reference security scenarios from past event datasets by Bayesian Network analysis
No full textThe global threat of deliberate attacks on chemical, process, and energy facilities underscores the urgent need to enhance Security Vulnerability/Risk Assessment (SVA/SRA) approaches. Traditional assessments often use historical data and Exploratory Data Analysis (EDA) to identify reference scenarios. However, EDA lacks a standardized approach to identify and rank the incident chains. A novel methodology based on Bayesian Networks (BN), named BAS2E, was developed to support the systematic identification of reference scenarios from past event datasets. The methodology is based on the development of a static quantified BN, that accurately reflects the causal relationships in incident chains, focusing specifically on those between threats, attack methods, and physical damage scenarios. The BN is quantified by statistical information from the analysis of the incident records and employs the Noisy-OR gate model to manage data gaps in the conditional probability tables (CPTs) specification. The application of the BN sensitivity analysis provides quantification of the reciprocal influence between nodes using a specific derivative-based parameter, allowing for the systematic ranking of the most impactful incident chains to be included as reference scenarios in SVA/SRA. The methodology is demonstrated through its application to a dataset of 109 security incidents that occurred in the offshore Oil&Gas sector
Assessing the Security of Offshore Oil gas Installations Using Adversary Sequence Diagrams
Full text linkOffshore Oil&Gas fluid production installations may be the target of intentional malicious acts (security attacks) carried out by adversaries of different nature and different motivations which may generate major events with severe consequences on workers, the environment and the property. The current study reviews the state of the art concerning the security of Offshore Oil&Gas operations, which is typically addressed according to best practices and qualitative or semi-quantitative methods. However, systematic approaches or guidelines in support of the analysis are still lacking. The current study investigates the possibility of using Adversary Sequence Diagrams (ASDs) as Security Vulnerability/Risk Assessment (SVA/SRA) supporting tools. A case study addressing a fixed Offshore Oil&Gas fluid production platform proved the ability of ASDs to provide credible attack modes within the Physical Protection System (PPS) that the adversaries have to perform in order to accomplish their objectives, as well as the security barriers that can potentially be effective in delaying and detecting the attacks, which are information required by SVA/SRA studies
- …
