The increasing interconnectivity with external networks and the higher reliance on digital systems make the facilities of the chemical, process, and Oil&Gas industry more vulnerable to cyber-attacks. These attacks have the potential of causing events with severe consequences on property, people, and the surrounding environment such as major event scenarios. The application of the currently available methodologies for cyber risk identification to complex plants with a large number of units may be demanding and cumbersome. The present study proposes an updated methodology, named POROS 2.0, that allows reducing time and effort in application by limiting the scope of the analysis to relevant cybersecurity scenarios. The latter are identified by investigating the potential escalation of consequences propagating among process and/or utility nodes of the manipulations of BPCS and SIS, similar to what is done in the HazOp technique in the safety domain. POROS 2.0 was demonstrated by the application to a case study addressing a fixed offshore platform for gas exploitation.

Iaiani M., Tugnoli A., Cozzani V. (2023). Process hazard and operability analysis of BPCS and SIS malicious manipulations by POROS 2.0. PROCESS SAFETY AND ENVIRONMENTAL PROTECTION, 176, 226-237 [10.1016/j.psep.2023.06.024].

Process hazard and operability analysis of BPCS and SIS malicious manipulations by POROS 2.0

Iaiani M.;Tugnoli A.
;
Cozzani V.
2023

Abstract

The increasing interconnectivity with external networks and the higher reliance on digital systems make the facilities of the chemical, process, and Oil&Gas industry more vulnerable to cyber-attacks. These attacks have the potential of causing events with severe consequences on property, people, and the surrounding environment such as major event scenarios. The application of the currently available methodologies for cyber risk identification to complex plants with a large number of units may be demanding and cumbersome. The present study proposes an updated methodology, named POROS 2.0, that allows reducing time and effort in application by limiting the scope of the analysis to relevant cybersecurity scenarios. The latter are identified by investigating the potential escalation of consequences propagating among process and/or utility nodes of the manipulations of BPCS and SIS, similar to what is done in the HazOp technique in the safety domain. POROS 2.0 was demonstrated by the application to a case study addressing a fixed offshore platform for gas exploitation.
2023
Iaiani M., Tugnoli A., Cozzani V. (2023). Process hazard and operability analysis of BPCS and SIS malicious manipulations by POROS 2.0. PROCESS SAFETY AND ENVIRONMENTAL PROTECTION, 176, 226-237 [10.1016/j.psep.2023.06.024].
Iaiani M.; Tugnoli A.; Cozzani V.
File in questo prodotto:
File Dimensione Formato  
1-s2.0-S0957582023005049-main.pdf

accesso aperto

Tipo: Versione (PDF) editoriale
Licenza: Creative commons
Dimensione 3.61 MB
Formato Adobe PDF
3.61 MB Adobe PDF Visualizza/Apri

I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.

Utilizza questo identificativo per citare o creare un link a questo documento: https://hdl.handle.net/11585/942886
Citazioni
  • ???jsp.display-item.citation.pmc??? ND
  • Scopus 1
  • ???jsp.display-item.citation.isi??? 1
social impact