loading
Papers Papers/2022 Papers Papers/2022

Research.Publish.Connect.

Paper

Paper Unlock

Authors: Panagiotis Dedousis 1 ; George Stergiopoulos 1 ; 2 ; George Arampatzis 3 and Dimitris Gritzalis 1

Affiliations: 1 Dept. of Informatics, Athens University of Economics & Business, Athens, Greece ; 2 Dept. of Information & Communication Systems Engineering, University of the Aegean, Samos, Greece ; 3 School of Production Engineering & Management, Technical University of Crete, Chania, Greece

Keyword(s): Critical Infrastructure Protection, Component Cascading Failures, Dependency Risk Graphs, Resilience.

Abstract: During the past decades, and especially since the Stuxnet event, there has being a growing concern around the protection of critical infrastructures. Even though the protection of such systems and services has been an international security priority, still, even after all those years, relevant research either focuses on individual ICS systems security (PLC, RTU and SCADA network protection and attacks), or uses high-level models to perform risk assessments, mostly from a system-of-systems scope that studies interdependencies. From an engineering perspective, current approaches address system resilience from an efficiency perspective (i.e. focusing on the availability of physical processes) while neglecting the security dimension of their components. Still, the availability and reliability requirements of such systems are directly affected by security incidents. To our knowledge, there is currently no process to integrate security-by-design in industrial critical infrastructure engine ering. To this end, we present a method to integrate security risk assessment analysis into engineering design practices. We do this by modeling internal dependencies between physical components in critical industrial production processes to identify possible hotspots of system failures that are challenging to handle later in the development lifecycle, especially during operation. To validate our approach, we model and assess the present situation in a portion of an actual oil refining plant, thereby establishing a baseline model. Then we introduce risk mitigation measures by altering the design of the baseline model, resulting in a reduction of the overall cascade risk. (More)

CC BY-NC-ND 4.0

Sign In Guest: Register as new SciTePress user now for free.

Sign In SciTePress user: please login.

PDF ImageMy Papers

You are not signed in, therefore limits apply to your IP address 3.147.205.19

In the current month:
Recent papers: 100 available of 100 total
2+ years older papers: 200 available of 200 total

Paper citation in several formats:
Dedousis, P.; Stergiopoulos, G.; Arampatzis, G. and Gritzalis, D. (2021). Towards Integrating Security in Industrial Engineering Design Practices. In Proceedings of the 18th International Conference on Security and Cryptography - SECRYPT; ISBN 978-989-758-524-1; ISSN 2184-7711, SciTePress, pages 161-172. DOI: 10.5220/0010544001610172

@conference{secrypt21,
author={Panagiotis Dedousis. and George Stergiopoulos. and George Arampatzis. and Dimitris Gritzalis.},
title={Towards Integrating Security in Industrial Engineering Design Practices},
booktitle={Proceedings of the 18th International Conference on Security and Cryptography - SECRYPT},
year={2021},
pages={161-172},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0010544001610172},
isbn={978-989-758-524-1},
issn={2184-7711},
}

TY - CONF

JO - Proceedings of the 18th International Conference on Security and Cryptography - SECRYPT
TI - Towards Integrating Security in Industrial Engineering Design Practices
SN - 978-989-758-524-1
IS - 2184-7711
AU - Dedousis, P.
AU - Stergiopoulos, G.
AU - Arampatzis, G.
AU - Gritzalis, D.
PY - 2021
SP - 161
EP - 172
DO - 10.5220/0010544001610172
PB - SciTePress