Protecting Chiller Systems from Cyberattack Using a Systems Thinking Approach
Recent world events and geopolitics have brought the vulnerability of critical infrastructure to cyberattacks to the forefront. While there has been considerable attention to attacks on Information Technology (IT) systems, such as data theft and ransomware, the vulnerabilities and dangers posed by i...
| Main Authors: | , |
|---|---|
| Format: | Article |
| Language: | English |
| Published: |
MDPI AG
2022-11-01
|
| Series: | Network |
| Subjects: | |
| Online Access: | https://www.mdpi.com/2673-8732/2/4/35 |
| _version_ | 1797455932297314304 |
|---|---|
| author | Shaharyar Khan Stuart Madnick |
| author_facet | Shaharyar Khan Stuart Madnick |
| author_sort | Shaharyar Khan |
| collection | DOAJ |
| description | Recent world events and geopolitics have brought the vulnerability of critical infrastructure to cyberattacks to the forefront. While there has been considerable attention to attacks on Information Technology (IT) systems, such as data theft and ransomware, the vulnerabilities and dangers posed by industrial control systems (ICS) have received significantly less attention. What is very different is that industrial control systems can be made to do things that could destroy equipment or even harm people. For example, in 2021 the US encountered a cyberattack on a water treatment plant in Florida that could have resulted in serious injuries or even death. These risks are based on the unique physical characteristics of these industrial systems. In this paper, we present a holistic, integrated safety and security analysis, we call Cybersafety, based on the STAMP (System-Theoretic Accident Model and Processes) framework, for one such industrial system—an industrial chiller plant—as an example. In this analysis, we identify vulnerabilities emerging from interactions between technology, operator actions as well as organizational structure, and provide recommendations to mitigate resulting loss scenarios in a systematic manner. |
| first_indexed | 2024-03-09T16:01:17Z |
| format | Article |
| id | doaj.art-65e06da03ad04626b8e497dd4f191ac1 |
| institution | Directory Open Access Journal |
| issn | 2673-8732 |
| language | English |
| last_indexed | 2024-03-09T16:01:17Z |
| publishDate | 2022-11-01 |
| publisher | MDPI AG |
| record_format | Article |
| series | Network |
| spelling | doaj.art-65e06da03ad04626b8e497dd4f191ac12023-11-24T17:05:47ZengMDPI AGNetwork2673-87322022-11-012460662710.3390/network2040035Protecting Chiller Systems from Cyberattack Using a Systems Thinking ApproachShaharyar Khan0Stuart Madnick1Sloan School of Management, Massachusetts Institute of Technology, Cambridge, MA 02139, USASloan School of Management, Massachusetts Institute of Technology, Cambridge, MA 02139, USARecent world events and geopolitics have brought the vulnerability of critical infrastructure to cyberattacks to the forefront. While there has been considerable attention to attacks on Information Technology (IT) systems, such as data theft and ransomware, the vulnerabilities and dangers posed by industrial control systems (ICS) have received significantly less attention. What is very different is that industrial control systems can be made to do things that could destroy equipment or even harm people. For example, in 2021 the US encountered a cyberattack on a water treatment plant in Florida that could have resulted in serious injuries or even death. These risks are based on the unique physical characteristics of these industrial systems. In this paper, we present a holistic, integrated safety and security analysis, we call Cybersafety, based on the STAMP (System-Theoretic Accident Model and Processes) framework, for one such industrial system—an industrial chiller plant—as an example. In this analysis, we identify vulnerabilities emerging from interactions between technology, operator actions as well as organizational structure, and provide recommendations to mitigate resulting loss scenarios in a systematic manner.https://www.mdpi.com/2673-8732/2/4/35cybersecuritycybersafetystampSTPAsystem securityindustrial chillers |
| spellingShingle | Shaharyar Khan Stuart Madnick Protecting Chiller Systems from Cyberattack Using a Systems Thinking Approach Network cybersecurity cybersafety stamp STPA system security industrial chillers |
| title | Protecting Chiller Systems from Cyberattack Using a Systems Thinking Approach |
| title_full | Protecting Chiller Systems from Cyberattack Using a Systems Thinking Approach |
| title_fullStr | Protecting Chiller Systems from Cyberattack Using a Systems Thinking Approach |
| title_full_unstemmed | Protecting Chiller Systems from Cyberattack Using a Systems Thinking Approach |
| title_short | Protecting Chiller Systems from Cyberattack Using a Systems Thinking Approach |
| title_sort | protecting chiller systems from cyberattack using a systems thinking approach |
| topic | cybersecurity cybersafety stamp STPA system security industrial chillers |
| url | https://www.mdpi.com/2673-8732/2/4/35 |
| work_keys_str_mv | AT shaharyarkhan protectingchillersystemsfromcyberattackusingasystemsthinkingapproach AT stuartmadnick protectingchillersystemsfromcyberattackusingasystemsthinkingapproach |