Cyber-attacks aimed to interfere with the Basic Process Control System (BPCS) and the SIS (Safety Instrumented System) of industrial facilities where large quantities of hazardous substances are stored or handled may have consequences comparable to those of conventional major accidents due to internal causes. While consolidated approaches exist to manage and control the cybersecurity of IT (Information Technology) and OT (Operational Technology) systems of a plant, there is an evident lack of operating procedures for assessing the actual link between malicious manipulations of the BPCS and the SIS (OT system) and the major accidents that can be induced. In the present study a specific operating systematic methodology, PHAROS, was developed to address the identification of major accident scenarios achievable by remote manipulation of the physical components of the plant (e.g. automatic valves, pumps, compressors, etc.). The methodology exploits a reverse-HazOp concept and it also supports the definition of the specifications for the design and management of barriers aimed at the prevention and mitigation of such scenarios. The application of PHAROS to a demonstrative case study evidenced first that both the BPCS and the SIS typically need to be attacked in order to induce major accidents, and second, that passive/inherent safeguards have a key role with respect to the success of the considered malicious attack in case they are properly designed.
Iaiani M., Tugnoli A., Landucci G., Cozzani V. (2020). A systematic methodology for the identification of major accidents induced by malicious manipulation of the bpcs and the sis in a process plant. CHEMICAL ENGINEERING TRANSACTIONS, 82, 319-324 [10.3303/CET2082054].
A systematic methodology for the identification of major accidents induced by malicious manipulation of the bpcs and the sis in a process plant
Iaiani M.;Tugnoli A.
;Cozzani V.
2020
Abstract
Cyber-attacks aimed to interfere with the Basic Process Control System (BPCS) and the SIS (Safety Instrumented System) of industrial facilities where large quantities of hazardous substances are stored or handled may have consequences comparable to those of conventional major accidents due to internal causes. While consolidated approaches exist to manage and control the cybersecurity of IT (Information Technology) and OT (Operational Technology) systems of a plant, there is an evident lack of operating procedures for assessing the actual link between malicious manipulations of the BPCS and the SIS (OT system) and the major accidents that can be induced. In the present study a specific operating systematic methodology, PHAROS, was developed to address the identification of major accident scenarios achievable by remote manipulation of the physical components of the plant (e.g. automatic valves, pumps, compressors, etc.). The methodology exploits a reverse-HazOp concept and it also supports the definition of the specifications for the design and management of barriers aimed at the prevention and mitigation of such scenarios. The application of PHAROS to a demonstrative case study evidenced first that both the BPCS and the SIS typically need to be attacked in order to induce major accidents, and second, that passive/inherent safeguards have a key role with respect to the success of the considered malicious attack in case they are properly designed.File | Dimensione | Formato | |
---|---|---|---|
054_Pharos.pdf
accesso aperto
Tipo:
Versione (PDF) editoriale
Licenza:
Licenza per accesso libero gratuito
Dimensione
648.3 kB
Formato
Adobe PDF
|
648.3 kB | Adobe PDF | Visualizza/Apri |
I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.