Abstract

Recent cyber-physical attacks, such as Stuxnet, Triton etc., have invoked an ominous realization about the vulnerability of critical infrastructure, including water, power and gas distribution systems. Traditional IT security-biased protection methods that focus on improving cyber hygiene are largely impotent in the face of targeted attacks by advanced cyber-adversaries. Thus, there is an urgent need to analyze the safety and security of critical infrastructure in a holistic fashion, leveraging the physics of the cyber-physical system. System-Theoretic Accident Model & Processes (STAMP) offers a powerful framework to analyze complex systems; hitherto, STAMP has been used extensively to perform safety analyses but an integrated safety and cybersecurity analysis of industrial control systems (ICS) has not been published. This paper uses the electrical generation and distribution system of an archetypal industrial facility to demonstrate the application of a STAMP-based method – called Cybersafety – to identify and mitigate cyber-vulnerabilities in ICS. The key contribution of this work is to differentiate the additional steps required to perform a holistic cybersecurity analysis for an ICS of significant size and complexity and to present the analysis in a structured format that can be emulated for larger systems with many interdependent subsystems.

Highlights

  • Whereas cyber-physical attacks targeting automobiles, medical devices and other systems embedded with computers have the potential to cause considerable damage to individuals or small groups of people, a cyberattack targeting critical infrastructure industrial control systems (ICS) can impact a large number of people over a vast geographical area.

  • The objective of this study was to demonstrate the ability of the Cybersafety method to systematically and robustly uncover cyber vulnerabilities and mitigation strategies in an industrial control system using a real-world example; those vulnerabilities that emerge as a result of interactions between components and interdependent subsystems.

  • We demonstrated the application of Cybersafety to identify cyber-vulnerabilities in an archetypal industrial control system.


Summary

Introduction

Whereas cyber-physical attacks targeting automobiles, medical devices and other systems embedded with computers have the potential to cause considerable damage to individuals or small groups of people, a cyberattack targeting critical infrastructure ICS can impact a large number of people over a vast geographical area. This is why such attacks are considered a matter of national security [1]. IT security-biased protection methods that narrowly focus on improving cyber hygiene are only successful against indiscriminate, non-targeted attacks – but remain largely impotent against targeted attacks by advanced cyber adversaries [3].
