Shaharyar Khan scite author profile

Shaharyar Khan

5Publications

27Citation Statements Received

52Citation Statements Given

How they've been cited

How they cite others

Affiliations

Massachusetts Institute of Technology

Publications

Order By: Most citations

Identifying and Anticipating Cyberattacks That Could Cause Physical Damage to Industrial Control Systems

Angle

Madnick

Kirtley

et al. 2019

IEEE Power Energy Technol. Syst. J.

View full text Add to dashboard Cite

Physical control systems are increasingly controlled by reconfigurable, network-enabled devices to increase flexibility and ease commissioning and maintenance. Such capability creates vulnerabilities. Devices may be remotely reprogrammed by a malicious actor to act in unintended ways, causing physical damage to mechanical equipment, infrastructure, and life and limb. In this paper, past examples of actual damage to cyber-physical systems are shown, threats posed by software-controlled variable frequency drives (VFDs) are analyzed, and a small-scale version of an attack on ubiquitous VFD equipment is demonstrated.INDEX TERMS Cyberattack, physical damage, energy storage, industrial control, Internet of Things, motor drives.

show abstract

Identifying and Anticipating Cyber Attacks that could cause Physical Damage to Industrial Control Systems

et al. 2019

View full text Add to dashboard Cite

Cybersafety Analysis of a Central Utilities Plant (CUP) Gas Turbine using STPA-SEC

2018

View full text Add to dashboard Cite

Cybersafety: A System-Theoretic Approach to Identify Cyber-Vulnerabilities & Mitigation Requirements in Industrial Control Systems

Khan

Madnick

2022

IEEE Trans. Dependable and Secure Comput.

View full text Add to dashboard Cite

Recent cyber-physical attacks, such as Stuxnet, Triton etc., have invoked an ominous realization about the vulnerability of critical infrastructure, including water, power and gas distribution systems. Traditional IT security-biased protection methods that focus on improving cyber hygiene are largely impotent in the face of targeted attacks by advanced cyber-adversaries. Thus, there is an urgent need to analyze the safety and security of critical infrastructure in a holistic fashion, leveraging the physics of the cyber-physical system. System-Theoretic Accident Model & Processes (STAMP) offers a powerful framework to analyze complex systems; hitherto, STAMP has been used extensively to perform safety analyses but an integrated safety and cybersecurity analysis of industrial control systems (ICS) has not been published. This paper uses the electrical generation and distribution system of an archetypal industrial facility to demonstrate the application of a STAMP-based method -called Cybersafety -to identify and mitigate cyber-vulnerabilities in ICS. The key contribution of this work is to differentiate the additional steps required to perform a holistic cybersecurity analysis for an ICS of significant size and complexity and to present the analysis in a structured format that can be emulated for larger systems with many interdependent subsystems.

show abstract

Cybersafety Analysis of Industrial Control Systems: Chiller Systems

Khan

Madnick

2020

SSRN Journal

View full text Add to dashboard Cite

scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.

Contact Info

customersupport@researchsolutions.com

10624 S. Eastern Ave., Ste. A-614

Henderson, NV 89052, USA

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Blog Terms and Conditions API Terms Privacy Policy Contact Cookie Preferences Do Not Sell or Share My Personal Information

Made with 💙 for researchers

Part of the Research Solutions Family.

Shaharyar Khan

Identifying and Anticipating Cyberattacks That Could Cause Physical Damage to Industrial Control Systems

Identifying and Anticipating Cyber Attacks that could cause Physical Damage to Industrial Control Systems

Cybersafety Analysis of a Central Utilities Plant (CUP) Gas Turbine using STPA-SEC

Cybersafety: A System-Theoretic Approach to Identify Cyber-Vulnerabilities & Mitigation Requirements in Industrial Control Systems

Cybersafety Analysis of Industrial Control Systems: Chiller Systems

Contact Info

Product

Resources

About