A Graphical Adversarial Risk Analysis Model for Oil and Gas Drilling Cybersecurity

Article, Preprint English OPEN
Vieira, Aitor Couce; Houmb, Siv Hilde; Insua, David Rios;
  • Publisher: Open Publishing Association
  • Journal: Electronic Proceedings in Theoretical Computer Science (issn: 2075-2180)
  • Related identifiers: doi: 10.4204/EPTCS.148.6
  • Subject: K.6.5 | Mathematics | Computer Science - Computer Science and Game Theory | Electronic computers. Computer science | QA1-939 | QA75.5-76.95 | Computer Science - Cryptography and Security

Oil and gas drilling is based, increasingly, on operational technology, whose cybersecurity is complicated by several challenges. We propose a graphical model for cybersecurity risk assessment based on Adversarial Risk Analysis to face those challenges. We also provide ... View more
  • References (41)
    41 references, page 1 of 5

    [1] S. Amin, G. A. Schwartz & S. S. Sastry (2011): On the interdependence of reliability and security in networked control systems. In: Decision and Control and European Control Conference (CDC-ECC), 2011 50th IEEE Conference on, IEEE, pp. 4078-4083, doi:10.1109/CDC.2011.6161527.

    [2] R. Anderson & S Fuloria (2010): Security economics and critical national infrastructure. In: Economics of Information Security and Privacy, Springer, pp. 55-66, doi:10.1007/978-1-4419-6967-5_4.

    [3] A. Atzeni, C. Cameroni, S. Faily, J. Lyle & I Fléchais (2011): Here's Johnny: A methodology for developing attacker personas. In: Availability, Reliability and Security (ARES), 2011 Sixth International Conference on, IEEE, pp. 722-727, doi:10.1109/ARES.2011.115.

    [4] M. G Balchanos (2012): A probabilistic technique for the assessment of complex dynamic system resilience. Ph.D. thesis, Georgia Institute of Technology. Available at https://smartech.gatech.edu/bitstream/ handle/1853/43730/balchanos_michael_g_201205_phd.pdf.

    [5] Defense Science Board (2013): Task Force report: Resilient military systems and the advanced cyber threat. Department of Defense. Available at http://www.acq.osd.mil/dsb/reports/ ResilientMilitarySystems.CyberThreat.pdf.

    [6] J. F. Brenner (2013): Eyes wide shut: The growing threat of cyber attacks on industrial control systems. Bulletin of the atomic scientists (1974) 69(5), pp. 15-20, doi:10.1177/0096340213501372.

    [7] E. Byres & J Lowe (2004): The myths and facts behind cyber security risks for industrial control systems. In: Proceedings of the VDE Kongress, 116. Available at http://www.isa.org/CustomSource/ISA/Div_ PDFs/PDF_News/Glss_2.pdf.

    [8] A. Cardenas, S. Amin, B. Sinopoli, A. Giani, A. Perrig & S. Sastry (2009): Challenges for securing cyber physical systems. In: Workshop on future directions in cyber-physical systems security. Available at http: //cimic.rutgers.edu/positionPapers/cps-security-challenges-Cardenas.pdf.

    [9] A. A. Cárdenas, S. Amin & S. Sastry (2008): Research challenges for the security of control systems. In: HotSec. Available at http://robotics.eecs.berkeley.edu/~sastry/pubs/Pdfs%20of%202008/ CardenasResearch2008.pdf.

    [10] Conning (2013): ADVISE enterprise risk modeler. Available at https://www.conning.com/ risk-and-capital-management/software/advise.html.

  • Metrics
    No metrics available
Share - Bookmark