Cybersafety: A System-Theoretic Approach to Identify Cyber-Vulnerabilities &amp; Mitigation Requirements in Industrial Control Systems

Khan, Shaharyar; Madnick, Stuart E.

doi:10.1109/tdsc.2021.3093214

Cited by 13 publications

(7 citation statements)

References 22 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…[17] uses STPA to analyse the impact of cyber-attacks against an industrial control system. More recently, Khan and Madnick [16] proposed a framework grounded in STPA to identify mitigations against attacks to the CPS. Authors of [6] proposed a methodology based on STPA and simulations of system behaviour to evaluate the impact of different types of attacks against a Communication Based Train Control System, and suggested the use of logical attack graphs to quantify the risk of safety critical attacks.…”

Section: Related Workmentioning

confidence: 99%

HA-Grid: Security Aware Hazard Analysis for Smart Grids

Castiglione

Hau

Get

et al. 2022

2022 IEEE International Conference on Communications, Control, and Computing Technologies for Smart Grids (SmartGridComm)

View full text Add to dashboard Cite

Attacks targeting smart grid infrastructures can result in the disruptions of power supply as well as damages to costly equipment, with significant impact on safety as well as on end-consumers. It is therefore of essence to identify attack paths in the infrastructure that lead to safety violations and to determine critical components that must be protected. In this paper, we introduce a methodology (HA-Grid) that incorporates both safety and security modelling of smart grid infrastructure to analyse the impact of cyber threats on the safety of smart grid infrastructures. HA-Grid is applied on a smart grid testbed to identify attack paths that lead to safety hazards, and to determine the common nodes in these attack paths as critical components that must be protected.

show abstract

Section: Related Workmentioning

confidence: 99%

HA-Grid: Security Aware Hazard Analysis for Smart Grids

Castiglione

Hau

Get

et al. 2022

2022 IEEE International Conference on Communications, Control, and Computing Technologies for Smart Grids (SmartGridComm)

View full text Add to dashboard Cite

show abstract

“…In forward-looking analyses based on STAMP, Logan et al [20] analyzed an autonomous space system using the STPA-Sec method to elicit system security requirements while Martin et al [21] applied STPA-Sec to study security considerations in aerial refueling. Meanwhile, Khan & Madnick [6], presented the STAMP-based Cybersafety analysis of a gas-turbine power plant. In each of these analyses, the focus is on identifying safety issues emanating from security scenarios.…”

Section: Literature Reviewmentioning

confidence: 99%

“…The primary contribution of this work is to present an integrated safety and security model for an industrial control system application, that we call Cybersafety [6], based on the STAMP STPA-Sec method. While some authors have performed cybersecurity analyses using the STAMP framework in the past, we believe those are essentially safety analyses containing cybersecurity-related causal factors.…”

Section: Introductionmentioning

confidence: 99%

“…What is missing is an integrated safety/security model that analyzes a complex industrial process from both lenses-safety and security. To that end, the objective of this paper is to demonstrate that an integrated safety/cybersecurity analysis is feasible on a real industrial control system and highlight refinements to the Cybersafety [6] method that enable such an analyses.…”

Section: Introductionmentioning

confidence: 99%

See 1 more Smart Citation

Protecting Chiller Systems from Cyberattack Using a Systems Thinking Approach

Khan

Madnick

2022

Network

Self Cite

View full text Add to dashboard Cite

Recent world events and geopolitics have brought the vulnerability of critical infrastructure to cyberattacks to the forefront. While there has been considerable attention to attacks on Information Technology (IT) systems, such as data theft and ransomware, the vulnerabilities and dangers posed by industrial control systems (ICS) have received significantly less attention. What is very different is that industrial control systems can be made to do things that could destroy equipment or even harm people. For example, in 2021 the US encountered a cyberattack on a water treatment plant in Florida that could have resulted in serious injuries or even death. These risks are based on the unique physical characteristics of these industrial systems. In this paper, we present a holistic, integrated safety and security analysis, we call Cybersafety, based on the STAMP (System-Theoretic Accident Model and Processes) framework, for one such industrial system—an industrial chiller plant—as an example. In this analysis, we identify vulnerabilities emerging from interactions between technology, operator actions as well as organizational structure, and provide recommendations to mitigate resulting loss scenarios in a systematic manner.

show abstract

“…Furthermore, the information-oriented threat usually exploits some potential vulnerabilities of IT systems to invade and attack their primary components or function units, and reaches the ultimate destination to steal sensitive information or cause a system crash [8,9]. Differently, the process control-oriented threat represents the OT-related attacks whose primary target is to destroy the normal production process when one control system is running smoothly and orderly [10,11]. More precisely, this threat may invalidate the production process by forcibly inserting some abnormal control commands, or cause alarm failure or error warning by intentionally changing the alarm threshold [12,13].…”

Section: Introductionmentioning

confidence: 99%

Functional Pattern-Related Anomaly Detection Approach Collaborating Binary Segmentation with Finite State Machine

Wan,

Hao,

et al. 2023

CMC

View full text Add to dashboard Cite

The process control-oriented threat, which can exploit OT (Operational Technology) vulnerabilities to forcibly insert abnormal control commands or status information, has become one of the most devastating cyber attacks in industrial automation control. To effectively detect this threat, this paper proposes one functional patternrelated anomaly detection approach, which skillfully collaborates the BinSeg (Binary Segmentation) algorithm with FSM (Finite State Machine) to identify anomalies between measuring data and control data. By detecting the change points of measuring data, the BinSeg algorithm is introduced to generate some initial sequence segments, which can be further classified and merged into different functional patterns due to their backward difference means and lengths. After analyzing the pattern association according to the Bayesian network, one functional state transition model based on FSM, which accurately describes the whole control and monitoring process, is constructed as one feasible detection engine. Finally, we use the typical SWaT (Secure Water Treatment) dataset to evaluate the proposed approach, and the experimental results show that: for one thing, compared with other changepoint detection approaches, the BinSeg algorithm can be more suitable for the optimal sequence segmentation of measuring data due to its highest detection accuracy and least consuming time; for another, the proposed approach exhibits relatively excellent detection ability, because the average detection precision, recall rate and F1-score to identify 10 different attacks can reach 0.872, 0.982 and 0.896, respectively.

show abstract

Cybersafety: A System-Theoretic Approach to Identify Cyber-Vulnerabilities & Mitigation Requirements in Industrial Control Systems

Cited by 13 publications

References 22 publications

HA-Grid: Security Aware Hazard Analysis for Smart Grids

HA-Grid: Security Aware Hazard Analysis for Smart Grids

Protecting Chiller Systems from Cyberattack Using a Systems Thinking Approach

Functional Pattern-Related Anomaly Detection Approach Collaborating Binary Segmentation with Finite State Machine

Contact Info

Product

Resources

About