Integrated management of safety and security barriers in chemical plants to cope with emerging cyber-physical attack risks under uncertainties
Shuaiqi Yuan, 
Genserik Reniers and 
Ming Yang
Reliability Engineering and System Safety, 2024, vol. 250, issue C
Abstract:
Chemical facilities face threats from accidental and intentional events, including the rising concern of cyber-physical (C2P) attacks in the digitized industrial control system era. Addressing major accident risks from safety hazards and C2P attacks requires an immediate unified framework for safety and security barrier management. This study presents a systematic risk-based approach to integrate conventional safety risks with emerging C2P attack risks. Adverse scenarios are identified, integrated into an attack-tree-bow-tie diagram, and modelled using a Bayesian network (BN). A vulnerability assessment model is developed to quantify industrial control system vulnerability to C2P attacks, considering uncertainties in attackers' knowledge levels. Monte Carlo simulations are used to handle uncertainty propagation in risk assessment, allowing the use of probability distributions for BN root nodes. Sensitivity analysis identifies critical factors/events, guiding the proposal of candidate strategies for barrier improvements. Combining cost-effectiveness analysis with a risk matrix yields the optimal strategy for safety and security barrier enhancements based on risk estimations. A hypothetical case study demonstrates the proposed approach's effectiveness in integrated safety and security barrier management, considering security vulnerability patching and safety barrier maintenance scheduling from a cost-effective perspective.
Keywords: Safety and security risks; Cyber-physical attacks; Quantitative risk assessment; Safety barrier management; Bayesian networks; Cost-effectiveness analysis (search for similar items in EconPapers)
Date: 2024
References: View references in EconPapers View complete reference list from CitEc 
Citations: View citations in EconPapers (1) 
Downloads: (external link)
http://www.sciencedirect.com/science/article/pii/S0951832024003922
Full text for ScienceDirect subscribers only
Related works:
This item may be available elsewhere in EconPapers: Search for items with the same title.
Export reference: BibTeX 
RIS (EndNote, ProCite, RefMan) 
HTML/Text
Persistent link: https://EconPapers.repec.org/RePEc:eee:reensy:v:250:y:2024:i:c:s0951832024003922
DOI: 10.1016/j.ress.2024.110320
Access Statistics for this article
Reliability Engineering and System Safety is currently edited by Carlos Guedes Soares
More articles in Reliability Engineering and System Safety  from  Elsevier
Bibliographic data for series maintained by Catherine Liu ().