The increasing interconnectivity with external networks and the higher reliance on digital systems make the facilities of the chemical, process, and Oil&Gas industry more vulnerable to cyber-attacks. These attacks have the potential of causing events with severe consequences on property, people, and the surrounding environment such as major event scenarios. The application of the currently available methodologies for cyber risk identification to complex plants with a large number of units may be demanding and cumbersome. The present study proposes an updated methodology, named POROS 2.0, that allows reducing time and effort in application by limiting the scope of the analysis to relevant cybersecurity scenarios. The latter are identified by investigating the potential escalation of consequences propagating among process and/or utility nodes of the manipulations of BPCS and SIS, similar to what is done in the HazOp technique in the safety domain. POROS 2.0 was demonstrated by the application to a case study addressing a fixed offshore platform for gas exploitation.
Process hazard and operability analysis of BPCS and SIS malicious manipulations by POROS 2.0 / Iaiani M.; Tugnoli A.; Cozzani V.. - In: PROCESS SAFETY AND ENVIRONMENTAL PROTECTION. - ISSN 0957-5820. - STAMPA. - 176:(2023), pp. 226-237. [10.1016/j.psep.2023.06.024]
Process hazard and operability analysis of BPCS and SIS malicious manipulations by POROS 2.0
Iaiani M.;Tugnoli A.
;Cozzani V.
2023
Abstract
The increasing interconnectivity with external networks and the higher reliance on digital systems make the facilities of the chemical, process, and Oil&Gas industry more vulnerable to cyber-attacks. These attacks have the potential of causing events with severe consequences on property, people, and the surrounding environment such as major event scenarios. The application of the currently available methodologies for cyber risk identification to complex plants with a large number of units may be demanding and cumbersome. The present study proposes an updated methodology, named POROS 2.0, that allows reducing time and effort in application by limiting the scope of the analysis to relevant cybersecurity scenarios. The latter are identified by investigating the potential escalation of consequences propagating among process and/or utility nodes of the manipulations of BPCS and SIS, similar to what is done in the HazOp technique in the safety domain. POROS 2.0 was demonstrated by the application to a case study addressing a fixed offshore platform for gas exploitation.| File | Dimensione | Formato | |
|---|---|---|---|
|
1-s2.0-S0957582023005049-main.pdf
accesso aperto
Tipo:
Versione (PDF) editoriale
Licenza:
Creative commons
Dimensione
3.61 MB
Formato
Adobe PDF
|
3.61 MB | Adobe PDF | Visualizza/Apri |
I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.
