Cyber threats for operational technologies

Assenza, Giacomo; Faramondi, Luca; Oliva, Gabriele; Setola, Roberto

doi:10.1504/ijsse.2020.109127

Cited by 7 publications

(3 citation statements)

References 0 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…(a) One of the most famous examples of an attack on a critical installation was Stuxnet [17][18][19].…”

Section: Introductionmentioning

confidence: 99%

“…The Stuxnet was not an isolate case. There was a series of OT based cyber-attacks [19]: Havex (2013), Irongate (2014), BlackEnergy 3 (2015), Crashoverride (2016), Trisis/Triton (2017). (b) The Dragonfly group utilized Havex malware that targeted many industrial control systems with emphasis on the energy, pharmaceutical, defense, and petrochemical industries.…”

Section: Introductionmentioning

confidence: 99%

See 1 more Smart Citation

Integrated Approach to Diagnostics of Failures and Cyber-Attacks in Industrial Control Systems

et al. 2022

View full text Add to dashboard Cite

This paper is concerned with the issue of the diagnostics of process faults and the detection of cyber-attacks in industrial control systems. This problem is of significant importance to energy production and distribution, which, being part of critical infrastructure, is usually equipped with process diagnostics and, at the same time, is often subject to cyber-attacks. A commonly used approach would be to separate the two types of anomalies. The detection of process faults would be handled by a control team, often with a help of dedicated diagnostic tools, whereas the detection of cyber-attacks would be handled by an information technology team. In this article, it is postulated here that the two can be usefully merged together into one, comprehensive, anomaly detection system. For this purpose, firstly, the main types of cyber-attacks and the main methods of detecting cyber-attacks are being reviewed. Subsequently, in the analogy to “process fault”—a term well established in process diagnostics—the term “cyber-fault” is introduced. Within this context a cyber-attack is considered as a vector containing a number of cyber-faults. Next, it is explained how methods used in process diagnostics for fault detection and isolation can be applied to the detection of cyber-attacks and, in some cases, also to isolation of the components of such attacks, i.e., cyber-faults. A laboratory stand and a simulator have been developed to test the proposed approach. Some test results are presented, demonstrating that, similarly to equipment/process faults, residua can be established and cyber-faults can be identified based on the mismatch between the real data from the system and the outputs of the simulation model.

show abstract

“…(a) One of the most famous examples of an attack on a critical installation was Stuxnet [17][18][19].…”

Section: Introductionmentioning

confidence: 99%

Section: Introductionmentioning

confidence: 99%

Integrated Approach to Diagnostics of Failures and Cyber-Attacks in Industrial Control Systems

et al. 2022

View full text Add to dashboard Cite

show abstract

“…The worm was able to modify the rotation speed of particular motors installed inside the centrifuges used for the uranium enrichment in plant in Iran. Similarly, recent blackouts in Ukraine in 2015 and 2016 were respectively caused by Blackenergy3 and CrashOverride, two malware specially designed to cause blackouts via cyber intrusion [5].…”

Section: Introductionmentioning

confidence: 99%

A Strategy to Improve Infrastructure Survivability via Prioritizing Critical Nodes Protection

Faramondi¹,

Assenza²,

Oliva³

et al. 2021

Issues on Risk Analysis for Critical Infrastructure Protection

Self Cite

View full text Add to dashboard Cite

From an engineering point of view, the survivability of a system is defined as its ability to continue to operate despite a natural or human-made disturbance; for example a serious mechanical fault, a human error, or a malicious cyber or physical attack. In the context of critical infrastructures, due to their relevance for the public wellness, it is mandatory to improve the robustness of such systems in order to ensure the availability of essential services such as the distribution of water, gas and electrical power. Nowadays, due to the increasing number of cyber incidents, the definition of protection strategies, able to improve the survivability level of this infrastructure, is at the heart of the scientific debate. In this chapter we propose a procedure based on three steps aimed at improving infrastructure survivability. In the first stage we propose some approaches to identify the criticality degree of each subsystem composing the infrastructure, in the second stage we propose a method to aggregate multiple criticality evaluations performed by subject matter experts by providing a unique holistic indicator. Finally, on the basis of such indicator, we propose a protection strategy to improve the robustness of the entire system.

show abstract

Cyber-Security and the Changing Landscape of Critical National Infrastructure: State and Non-state Cyber-Attacks on Organisations, Systems and Services

Rees,

Rees

2023

Advanced Sciences and Technologies for Security Applications

View full text Add to dashboard Cite

Cyber threats for operational technologies

Cited by 7 publications

References 0 publications

Integrated Approach to Diagnostics of Failures and Cyber-Attacks in Industrial Control Systems

Integrated Approach to Diagnostics of Failures and Cyber-Attacks in Industrial Control Systems

A Strategy to Improve Infrastructure Survivability via Prioritizing Critical Nodes Protection

Cyber-Security and the Changing Landscape of Critical National Infrastructure: State and Non-state Cyber-Attacks on Organisations, Systems and Services

Contact Info

Product

Resources

About