EconPapers    
Economics at your fingertips  

EconPapers Home
About EconPapers

Working Papers
Journal Articles
Books and Chapters
Software Components

Authors

JEL codes
New Economics Papers

Advanced Search


EconPapers FAQ
Archive maintainers FAQ
Cookies at EconPapers

Format for printing

The RePEc blog
The RePEc plagiarism page

 

Outage and asset damage triggered by malicious manipulation of the control system in process plants

Matteo Iaiani, Alessandro Tugnoli, Paolo Macini and Valerio Cozzani

Reliability Engineering and System Safety, 2021, vol. 213, issue C

Abstract: Intentional acts consisting in remote (cyber) or physical manipulations of the BPCS (Basic Process Control System) and the SIS (Safety Instrumented System) of a process plant may result in severe consequences for the affected industrial facilities. Interruption of productivity, with or without asset damages, generally results in huge economic losses and, at times, in damages to reputation, people and the environment. Despite the existence of several international standards aimed at the assessment and management of cybersecurity of IT (Information Technology) and OT (Operational Technology) systems of a facility, only few contributions are present in the literature addressing the concrete connection between malicious manipulations of the BPCS and SIS systems and the impacts on the physical process system that can be initiated. In this panorama, the present work fills this gap by developing a systematic qualitative methodology supporting the identification of possible security events affecting the operability and/or system integrity of a process plant, of the malicious manipulations by which they may be initiated, and of the existing safeguards in place. The results can be used within the standard procedure for cyber risk management of the IT-OT system (e.g. ISA/IEC 62443), to support the identification of protection requirements and countermeasures. The methodology is complementary to current safety and security assessments and is intended for application to front-end design phase as well as to the security review of operating plants. The methodology was applied to a case study (an offshore Oil&Gas compression plant) to demonstrate the potential of the methodology and the results obtained.

Keywords: Hazard identification; Chemical and Process Industry; Security; Cyber-attack; Major accident hazard; Asset damage; Business interruption; Operability (search for similar items in EconPapers)
Date: 2021
References: View references in EconPapers View complete reference list from CitEc
Citations: View citations in EconPapers (2)

Downloads: (external link)
http://www.sciencedirect.com/science/article/pii/S0951832021002234
Full text for ScienceDirect subscribers only

Related works:
This item may be available elsewhere in EconPapers: Search for items with the same title.

Export reference: BibTeX RIS (EndNote, ProCite, RefMan) HTML/Text

Persistent link: https://EconPapers.repec.org/RePEc:eee:reensy:v:213:y:2021:i:c:s0951832021002234

DOI: 10.1016/j.ress.2021.107685

Access Statistics for this article

Reliability Engineering and System Safety is currently edited by Carlos Guedes Soares

More articles in Reliability Engineering and System Safety from Elsevier
Bibliographic data for series maintained by Catherine Liu ().

 
Share

RePEc
This site is part of RePEc and all the data displayed here is part of the RePEc data set.

Is your work missing from RePEc? Here is how to contribute.

Questions or problems? Check the EconPapers FAQ or send mail to .

Örebro UniversityEconPapers is hosted by the School of Business at Örebro University.

Page updated 2025-03-19
Handle: RePEc:eee:reensy:v:213:y:2021:i:c:s0951832021002234