Cyber-Safety Analysis of an Industrial Control System for Chillers Using STPA-Sec

37 Pages Posted: 15 Apr 2019


Shaharyar Khan

affiliation not provided to SSRN

Stuart Madnick

Massachusetts Institute of Technology (MIT) - Sloan School of Management

Allen Moulton

Massachusetts Institute of Technology (MIT)

Date Written: July 1, 2018

Abstract

As Industrial Control Systems (ICS) become increasingly software-intensive and more complex, the traditional approaches to cybersecurity that take a narrow, static technical view of the system are proving increasingly inadequate in the face of new threat vectors and vulnerabilities. To date, most attacks on energy systems have targeted either the IT infrastructure (e.g., the Aramco Shamoon attack) or the circuit breakers of Operational Technology (e.g., the Ukraine attack). In such cases, recovery is usually rather fast, either by rebooting computers or by resetting breakers. But if the Operational Technology equipment, especially the important, large, customized equipment, is physically damaged, recovery can take weeks or even months. In this paper, we demonstrate the use of Systems-Theoretic Process Analysis (STPA) to identify cyber vulnerabilities that have the potential to cause physical damage in industrial control systems, using the MIT Central Utilities Plant as a use case. It is shown that the method provides a well-guided and structured analysis process that unveils new cyber vulnerabilities spanning not only technical aspects but also the broader socio-organizational system. The method ties system-level losses to violations of constraints at both the component level and the process level, and it provides recommendations to make the system more resilient by defining additional constraints to control vulnerabilities in the system.

Suggested Citation

Khan, Shaharyar and Madnick, Stuart E. and Moulton, Allen, Cyber-Safety Analysis of an Industrial Control System for Chillers Using STPA-Sec (July 1, 2018). MIT Sloan Research Paper No. 5721-18. Available at SSRN: https://ssrn.com/abstract=3370540 or http://dx.doi.org/10.2139/ssrn.3370540

Shaharyar Khan

affiliation not provided to SSRN

Stuart E. Madnick (Contact Author)

Massachusetts Institute of Technology (MIT) - Sloan School of Management

E53-321
Cambridge, MA 02142
United States
617-253-6671 (Phone)
617-253-3321 (Fax)

Allen Moulton

Massachusetts Institute of Technology (MIT)

Center of International Studies
Cambridge, MA 02139
United States
