An Examination of Software Tool Features Needed to Help Secure Energy Delivery Industrial Control Systems

69 Pages Posted: 17 Apr 2019


Taylor Andrews

MIT Sloan School of Management

Allen Moulton

Massachusetts Institute of Technology (MIT)

Stuart Madnick

Massachusetts Institute of Technology (MIT) - Sloan School of Management

Date Written: August 1, 2018

Abstract

In December 2015, coordinated cyberattacks targeting Ukrainian power distribution systems’ information technology (IT), industrial control systems (ICS), and operational technology (OT) resulted in physical damage to Ethernet serial converters, intentional disabling of distribution facility backup generators, denial of service attacks on customer support call centers, and permanent destruction of workstation hard drive data, causing temporary citywide power grid failure that affected 225,000 people. It was discovered that the attack in Ukraine took place months after initial network penetration, after extensive surveillance and data gathering had first been performed, indicating that cyber attackers are attempting to prolong intrusions and avoid detection in an effort to practice, simulate, and perfect militarized-style attack architectures to maximize damages. In March of 2018, after joint collaboration, the U.S. Department of Homeland Security and FBI released an alert that documented details of a multi-year, extensive surveillance and intrusion campaign by state-sponsored “threat actors” that widely penetrated U.S. energy distribution systems with malware designed to enable covert remote access and technical manipulation abilities, in order to be able to perform similar attacks on American power grids. The growing number of cyber-physical intrusions into energy distribution systems requires preventative, structured cybersecurity analysis to produce attack scenarios, causal factors, design changes, and new requirements to secure energy systems before systems are compromised, ideally at system design and development time.
Hazard analysis, safety analysis, and reliability analysis must no longer be considered solely from the point of view of single component, engineering-based failures, but must all evolve to foresee premeditated, malicious, and coordinated actions of human organizations that intentionally cause disastrous multi-component failure scenarios after careful reconnaissance and reverse engineering.

In this paper, we explain systems theoretic cybersafety, document an exploration of software tool features that support systems theoretic cybersafety analysis automation, provide a detailed list of STAMP software tool specification requirement areas to consider when designing future systems theoretic cybersafety tools, and finally include some data structures for systems theoretic cybersafety analysis information organization. Through an energy distribution system example in Section 3, we also demonstrate how one may currently use software tool features to perform systems theoretic cybersafety analysis using STAMP, and produce system changes to defend and defeat when analyzing existing systems or designing new ones.

Suggested Citation

Andrews, Taylor and Moulton, Allen and Madnick, Stuart E., An Examination of Software Tool Features Needed to Help Secure Energy Delivery Industrial Control Systems (August 1, 2018). MIT Sloan Research Paper No. 5722-18. Available at SSRN: https://ssrn.com/abstract=3370547 or http://dx.doi.org/10.2139/ssrn.3370547

Taylor Andrews

MIT Sloan School of Management

100 Main Street
Cambridge, MA 02142
United States

Allen Moulton

Massachusetts Institute of Technology (MIT)

Center of International Studies
Cambridge, MA 02139
United States

Stuart E. Madnick (Contact Author)

Massachusetts Institute of Technology (MIT) - Sloan School of Management

E53-321
Cambridge, MA 02142
United States
617-253-6671 (Phone)
617-253-3321 (Fax)
