ABSTRACT
Information Technology (IT) and Operational Technology (OT) are converging further, which increases the number of interdependencies between safety and security risks arising in industrial architectures. Cyber attacks that interfere with safety functionality may lead to serious injuries as a consequence. Intentionally triggering a safety function may introduce a security vulnerability during the emergency procedure, e.g., by opening emergency exit doors and thereby enabling unauthorized physical access. This paper introduces a risk evaluation methodology to prioritize and manage identified threats considering security, safety, and their interdependencies. The presented methodology uses metrics commonly used in the industry to increase its applicability and enable the combination with other risk assessment approaches. These metrics are the Common Vulnerability Scoring System (CVSS), the Security Level (SL) from the standard IEC 62443, and the Safety Integrity Level (SIL) from the standard IEC 61508. Conceptual similarities of those metrics are considered during the risk calculation, including an identified relation between CVSS and SL. Besides this relation, the skill level and resources of threat actors, threats enabling multiple identified attacks, the SIL of safety-relevant components affected, the business criticality of the targeted asset, and the SL-T of the zone targeted by the attack are considered for risk evaluation. The industrial architecture to be analyzed is separated into zones and conduits according to IEC 62443, enabling the analyzed system to be compliant with its requirements.
Index Terms
- Risk Assessments Considering Safety, Security, and Their Interdependencies in OT Environments