The process industry and similar sectors are undergoing a digital transition towards higher levels of automation. This, while ensuring advantages such as efficient process control, quick and safe response to abnormal conditions, improvement of product quality and continuous process optimization, it exposes the process sites to cybersecurity threats. A cyber-attack, besides economic and reputation damages, can potentially trigger major accidents (e.g. loss of containment of hazardous materials) with severe consequences on workers, population and the environment. In the present study, the cybersecurity-related incidents (CSIs) that occurred in the chemical, petrochemical, energy production, and water/wastewater sectors, were investigated. The analysis is based on the development of a database of 78 cybersecurity-related incidents. The aim of the study is to frame a clear picture of the cyber-attacks on IT-OT (Information Technology-Operational Technology) system of process facilities and to issue lessons learnt from past incidents.

Analysis of past cybersecurity-related incidents in the process industry and the like

Iaiani M.;Tugnoli A.
;
Casson Moreno V.;Cozzani V.
2020

Abstract

The process industry and similar sectors are undergoing a digital transition towards higher levels of automation. This, while ensuring advantages such as efficient process control, quick and safe response to abnormal conditions, improvement of product quality and continuous process optimization, it exposes the process sites to cybersecurity threats. A cyber-attack, besides economic and reputation damages, can potentially trigger major accidents (e.g. loss of containment of hazardous materials) with severe consequences on workers, population and the environment. In the present study, the cybersecurity-related incidents (CSIs) that occurred in the chemical, petrochemical, energy production, and water/wastewater sectors, were investigated. The analysis is based on the development of a database of 78 cybersecurity-related incidents. The aim of the study is to frame a clear picture of the cyber-attacks on IT-OT (Information Technology-Operational Technology) system of process facilities and to issue lessons learnt from past incidents.
Iaiani M.; Tugnoli A.; Casson Moreno V.; Cozzani V.
File in questo prodotto:
File Dimensione Formato  
Analysis of Past Cybersecurity-related Incidents in the Process Industry and the Like_CET2020.pdf

accesso aperto

Tipo: Versione (PDF) editoriale
Licenza: Licenza per accesso libero gratuito
Dimensione 543.11 kB
Formato Adobe PDF
543.11 kB Adobe PDF Visualizza/Apri

I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.

Utilizza questo identificativo per citare o creare un link a questo documento: https://hdl.handle.net/11585/788848
Citazioni
  • ???jsp.display-item.citation.pmc??? ND
  • Scopus 3
  • ???jsp.display-item.citation.isi??? ND
social impact