1,720,965 research outputs found
Cyber Threats Affecting the Process Industry and Similar Sectors
No full textCyber threats are becoming a growing concern for industrial facilities characterized by a high degree of automation, especially those that highly rely on Operational Technology (OT) systems such as process facilities. Fixed installations where chemical and petroleum products are manufactured and stored (e.g. Seveso sites in EU) are of primary concern since attackers may exploit their inherent hazardous conditions and trigger events with severe consequences on workers, population, the environment, and the company itself (e.g. major accidents). The study is based on the development of a database of 82 cybersecurity-related incidents (CSIs) and its analysis using Exploratory Data Analysis (EDA). Time-trend (from 1975 to 2020), geographical distribution, distribution among the industrial sectors, impacts of the incidents, and type of attackers (intentional external / intentional internal / accidental) were investigated, evidencing important findings. The attacks resulted to be able to affect not only the company Information Technology (IT) system, which is a threat common to several business sectors, but also to manipulate the control and safety systems (OT). Finally, the analysis of a sub-set of incidents with more detailed information allowed to identify the general phases of a cyber-attack to IT-OT systems of a process facility. The information obtained can be used to support the application of the techniques commonly used to handle security-risks in process facilities, such as Security Vulnerability Assessment (SVA) methodologies
Process hazard and operability analysis of BPCS and SIS malicious manipulations by POROS 2.0
Full text linkThe increasing interconnectivity with external networks and the higher reliance on digital systems make the facilities of the chemical, process, and Oil&Gas industry more vulnerable to cyber-attacks. These attacks have the potential of causing events with severe consequences on property, people, and the surrounding environment such as major event scenarios. The application of the currently available methodologies for cyber risk identification to complex plants with a large number of units may be demanding and cumbersome. The present study proposes an updated methodology, named POROS 2.0, that allows reducing time and effort in application by limiting the scope of the analysis to relevant cybersecurity scenarios. The latter are identified by investigating the potential escalation of consequences propagating among process and/or utility nodes of the manipulations of BPCS and SIS, similar to what is done in the HazOp technique in the safety domain. POROS 2.0 was demonstrated by the application to a case study addressing a fixed offshore platform for gas exploitation
A systematic methodology for the identification of major accidents induced by malicious manipulation of the bpcs and the sis in a process plant
Full text linkCyber-attacks aimed to interfere with the Basic Process Control System (BPCS) and the SIS (Safety Instrumented System) of industrial facilities where large quantities of hazardous substances are stored or handled may have consequences comparable to those of conventional major accidents due to internal causes. While consolidated approaches exist to manage and control the cybersecurity of IT (Information Technology) and OT (Operational Technology) systems of a plant, there is an evident lack of operating procedures for assessing the actual link between malicious manipulations of the BPCS and the SIS (OT system) and the major accidents that can be induced. In the present study a specific operating systematic methodology, PHAROS, was developed to address the identification of major accident scenarios achievable by remote manipulation of the physical components of the plant (e.g. automatic valves, pumps, compressors, etc.). The methodology exploits a reverse-HazOp concept and it also supports the definition of the specifications for the design and management of barriers aimed at the prevention and mitigation of such scenarios. The application of PHAROS to a demonstrative case study evidenced first that both the BPCS and the SIS typically need to be attacked in order to induce major accidents, and second, that passive/inherent safeguards have a key role with respect to the success of the considered malicious attack in case they are properly designed
Analysis of past cybersecurity-related incidents in the process industry and the like
Full text linkThe process industry and similar sectors are undergoing a digital transition towards higher levels of automation. This, while ensuring advantages such as efficient process control, quick and safe response to abnormal conditions, improvement of product quality and continuous process optimization, it exposes the process sites to cybersecurity threats. A cyber-attack, besides economic and reputation damages, can potentially trigger major accidents (e.g. loss of containment of hazardous materials) with severe consequences on workers, population and the environment. In the present study, the cybersecurity-related incidents (CSIs) that occurred in the chemical, petrochemical, energy production, and water/wastewater sectors, were investigated. The analysis is based on the development of a database of 78 cybersecurity-related incidents. The aim of the study is to frame a clear picture of the cyber-attacks on IT-OT (Information Technology-Operational Technology) system of process facilities and to issue lessons learnt from past incidents
Analysis of Cybersecurity-related Incidents in the Process Industry
No full textThe digital transition in the process industry is characterized by a high level of automation and an increasing connection with external networks, which makes facilities vulnerable to cybers-threats. A cyber-attack, beside economic and reputational damages, can potentially trigger major events (e.g. releases of hazardous materials, fires, explosions) with severe consequences on workers, population, and the environment. In the present study, the cybersecurity-related incidents that occurred in the process industry and in similar industrial sectors (chemical, petrochemical, energy production, water/wastewater treatment) were investigated. The aim of the study is to frame a clear picture of the cyber-attacks on the automated control systems of process facilities and to issue lessons learnt from past incidents. The study is based on the development and analysis of a database of 82 cybersecurity-related incidents gathered from various sources. Time trend, geographical distribution, distribution among the industrial sectors, impacts of the incidents, and nature of the cyber-attacks (attacker, intentional/accidental type, system infected) were investigated. The analysis of a sub-set of more detailed incidents allowed the identification of the general steps of a cyber-attack on automated control systems of a process facility, the main hacking techniques used by the attackers and the more common cybersecurity countermeasures applicable to the prevention of a cyber-attack
A systematic procedure for the identification of major accident hazards induced by malicious manipulations of the control and safety instrumented systems
No full textCybersecurity threats on the industrial automated control systems (IACSs) are becoming a growing concern for the industrial facilities, and in particular for those where large quantities of hazardous substances are stored or handled (i.e. Seveso sites in Europe). Cyber-attacks on the control (BPCS) and safety instrumented (SIS) systems of Seveso plants may have consequences comparable to those of conventional major accidents due to internal causes. While consolidated approaches exist to manage and control the cybersecurity of IT and OT systems of a facility, there is an evident lack of procedures for assessing the actual link between malicious manipulations of the OT system (BPCS plus SIS) and the major accidents that can be triggered. In the present study a specific methodology (PHAROS) was developed to address the identification of major accident scenarios achievable by remote manipulation of the plant physical components. The methodology exploits a reverse-HazOp concept and it also supports the definition of the specifications for the design and management of barriers aimed at the prevention and mitigation of such scenarios. The application of PHAROS to a demonstrative case study evidenced first that both the BPCS and the SIS typically need to be attacked in order to induce major accidents, and second, that passive/inherent safeguards have a key role with respect to the success of the considered malicious attack in case they are properly designed
Major accidents triggered by malicious manipulations of the control system in process facilities
No full textSecurity threats on the industrial automated control systems (IACSs) are becoming a growing concern for all the industrial facilities, and in particular for those where large quantities of hazardous substances are stored or handled (e.g. Seveso sites in Europe). Remote (cyber) or physical malicious manipulations of the automated control system of Seveso sites may have consequences comparable to those of conventional major accidents due to internal causes (e.g. loss of containment of hazardous materials, fires, explosions). While consolidated approaches exist to manage and control the cybersecurity of IT and OT systems of a facility, there is an evident lack of procedures to assess the actual link between malicious manipulations of the safety and control systems and the major accidents that can be triggered. In the present study, a specific methodology (PHAROS) was developed to address the identification of major accident scenarios achievable by malicious manipulation of physical components of the plant through the control and safety instrumented systems. The methodology, which exploits a reverse-HazOp concept, also analyses the role of the existing safety barriers in contrasting the chain of events triggered by the malicious manipulation, and may support the definition of design specifications and/or possible IT protection requirements for such barriers. The methodology was applied to a demonstrative case study to understand the features of the results obtained and their potential towards the improvement of the security of the process facility
Outage and asset damage triggered by malicious manipulation of the control system in process plants
Full text linkIntentional acts consisting in remote (cyber) or physical manipulations of the BPCS (Basic Process Control System) and the SIS (Safety Instrumented System) of a process plant may result in severe consequences for the affected industrial facilities. Interruption of productivity, with or without asset damages, generally results in huge economic losses and, at times, in damages to reputation, people and the environment. Despite the existence of several international standards aimed at the assessment and management of cybersecurity of IT (Information Technology) and OT (Operational Technology) systems of a facility, only few contributions are present in the literature addressing the concrete connection between malicious manipulations of the BPCS and SIS systems and the impacts on the physical process system that can be initiated. In this panorama, the present work fills this gap by developing a systematic qualitative methodology supporting the identification of possible security events affecting the operability and/or system integrity of a process plant, of the malicious manipulations by which they may be initiated, and of the existing safeguards in place. The results can be used within the standard procedure for cyber risk management of the IT-OT system (e.g. ISA/IEC 62443), to support the identification of protection requirements and countermeasures. The methodology is complementary to current safety and security assessments and is intended for application to front-end design phase as well as to the security review of operating plants. The methodology was applied to a case study (an offshore Oil&Gas compression plant) to demonstrate the potential of the methodology and the results obtained
A systematic procedure for the identification of major accident hazards induced by malicious manipulations of the control and safety instrumented systems
No full textCybersecurity threats on the industrial automated control systems (IACSs) are becoming a growing concern for the industrial facilities, and in particular for those where large quantities of hazardous substances are stored or handled (i.e. Seveso sites in Europe). Cyber-attacks on the control (BPCS) and safety instrumented (SIS) systems of Seveso plants may have consequences comparable to those of conventional major accidents due to internal causes. While consolidated approaches exist to manage and control the cybersecurity of IT and OT systems of a facility, there is an evident lack of procedures for assessing the actual link between malicious manipulations of the OT system (BPCS plus SIS) and the major accidents that can be triggered. In the present study a specific methodology (PHAROS) was developed to address the identification of major accident scenarios achievable by remote manipulation of the plant physical components. The methodology exploits a reverse-HazOp concept and it also supports the definition of the specifications for the design and management of barriers aimed at the prevention and mitigation of such scenarios. The application of PHAROS to a demonstrative case study evidenced first that both the BPCS and the SIS typically need to be attacked in order to induce major accidents, and second, that passive/inherent safeguards have a key role with respect to the success of the considered malicious attack in case they are properly designed
- …
