Safeguarding critical infrastructures from cyber attacks : A case study for offshore natural gas Assets

• Autorzy: Hadjistassou C. , Bratskas R. , Koutras N. , Kyriakides A. , Charalambous E. , Hadjiantonis A. M.
• Języki publikacji: EN

Abstrakty

EN

The majority of operations, as well as the physical and chemical processes, which take place on offshore Natural Gas installations are controlled by computer systems. These computer systems are vulnerable to cyber-attacks. If successful, such attacks can have disastrous and far-reaching consequences, including human casualties, large-scale pollution, and immense financial cost. In this paper we identify one possible way that an attacker can inflict material damage, by altering the parameters of the gas hydrate inhibition system. The formation of gas hydrates can completely halt operations for a prolonged period of time, could damage equipment, and directly endanger human lives. To raise the level of protection we propose the implementation of two lines of defense the second based on machine learning algorithms. Appreciating the sophistication of attacks, the inherent risks and complexity of multi-billion offshore energy assets we highlight the need for further research intended to address safety loopholes.

Słowa kluczowe

EN

critical infrastructure; cyber attacks; energy; natural gas; gas hydrates

• Wydawca: Polskie Towarzystwo Bezpieczeństwa i Niezawodności
• Czasopismo: Journal of Polish Safety and Reliability Association
• Rocznik: 2015
• Tom: Vol. 6, No. 1
• Strony: 115--124
• Opis fizyczny: Bibliogr. 21 poz., rys., tab., wykr.

Twórcy

autor

Hadjistassou C.

• University of Nicosia, University of Cyprus, Nicosia, Cyprus

autor

Bratskas R.

• ADITESS Advanced Integrated Technology Solutions & Services, Nicosia, Cyprus

autor

Koutras N.

• ADITESS Advanced Integrated Technology Solutions & Services, Nicosia, Cyprus

autor

Kyriakides A.

• ADITESS Advanced Integrated Technology Solutions & Services, Nicosia, Cyprus

autor

Charalambous E.

• ADITESS Advanced Integrated Technology Solutions & Services, Nicosia, Cyprus University of Cyprus, Nicosia, Cyprus

autor

Hadjiantonis A. M.

• CyRIC Cyprus Research and Innovation Center Ltd., Nicosia, Cyprus

Bibliografia

• [1] Cazorla, L., Alcaraz, C., & Lopez, J. (2013). Towards automatic critical infrastructure protection through machine learning. In 8th International Conference on Critical Information Infrastructures Security, 8328:197-203, Amsterdam, The Netherlands, Springer.
• [2] Engineering Data Book. (2004). 12th ed., Dehydration, Gas Processors Supply Association, Tulsa OK, USA.
• [3] ENISA, Protecting Industrial Control Systems - Recommendations for Europe and Member States," (2011).
• [4] Exploring Stuxnet's PLC Infection Process, http://www.symantec.com/connect/blogs/explorin g-stuxnet-s-plc-infection-process; Posted on Sep 22, 2010
• [5] Flame malware makers send suicide code, http://www.bbc.com/news/technology-18365844; Posted June 8, 2012
• [6] Hadjistassou, C., Efthymiou, M. & Papanastasiou, P. (2014). Well and Subsea Completions and Production Facilities (PET522); Lecture Notes, University of Cyprus, Faculty of Engineering.
• [7] Hadjistassou, C., Hadjiantonis, A. (2012). Risk Assessment of Offshore Oil & Gas Installations Under Cyber Threats. In: EASTWEST 2012, International Congress, European Office Cyprus, Cyprus, 95-101.
• [8] Kidnay, A.J. & Parrish, W.R. (2006). Fundamentals of Natural Gas Processing. CRC Press, Boca Raton, Fla.
• [9] Methanex, Methanol Price: www.methanex.com/
• [10] N.S.A. Able to Foil Basic Safeguards of Privacy on Web, http://www.nytimes.com/2013/09/06/ us/nsa-foils-much-internet-encryption.html
• [11] Night Dragon, http://www.mcafee.com/us/about/ night-dragon.aspx?cid=WBB009
• [12] NSA Documents Show United States Spied Brazilian Oil Giant, Globo.com. (2013). Posted Sept., 9, 2013. products/methanolprice.html; Posted on May 23, 2014.
• [13] Revealed: how US and UK spy agencies defeat internet privacy and security, www.theguardian.com/world/2013/sep/05/nsagchq-encryption-codes-security
• [14] Risks and Dangers of Fiber Optic Cables, http://infoguard.ch/pdf/publikationen/wp_fiber_o ptic_communication-e.pdf
• [15] Shamoon virus targets energy sector infrastructure, http://www.bbc.com/news/technology-19293797; Posted Aug 17, 2012.
• [16] Sloan, E. D., Koh, C. & Sum A.K. (2011). Natural Gas Hydrates in Flow Assurance. Gulf Professional Pub. Elsevier, Oxford.
• [17] Stark, H. (2011). Stuxnet Virus Opens New Era of Cyber War. Der Spiegel Online: www.spiegel.de/ international/world/mossad-s-miracle-weaponstuxnet-virus-opens-new-era-of-cyber-war-a778912.html; Aug 08, 2011, Lecture Notes in Computer Science 13.
• [18] Tapping Fibre Channel connections is much easier than commonly believed!, White paper. http://infoguard.ch/pdf/publikationen/wp_infogua rd_fibrechannel_e.pdf
• [19] The 7 Security Myths Surrounding Fibre Optic Networks, White paper. http://infoguard.ch/pdf/ publikationen/wp_infoguard_securitymythen_e_v 10.pdf
• [20] U.S., Israel developed Flame computer virus to slow Iranian nuclear e_orts, o_cials say: http://www.washingtonpost.com/world/nationalsecurity/us-israel-developed-computer-virus-toslow-iranian-nuclear-efforts-officialssay/2012/06/19/gJQA6xBPoV_story.html; Posted June 19, 2012.
• [21] Zhu, B., Joseph, A. & Sastry, S. (2011). A taxonomy of cyber attacks on scada systems. In Internet of Things (iThings/CPSCom), 2011 International Conference on and 4th International Conference on Cyber, Physical and Social Computing, 380-388. IEEE.