Security attack analysis of safety systems

被引:0
|
作者
Hansen, Kai [1 ]
机构
[1] ABB Corp Reseach, N-1375 Billingstad, Norway
来源
2009 IEEE CONFERENCE ON EMERGING TECHNOLOGIES & FACTORY AUTOMATION (EFTA 2009) | 2009年
关键词
D O I
暂无
中图分类号
TP [自动化技术、计算机技术];
学科分类号
0812 ;
摘要
An analysis of the security threats from attack scenarios for a state of the art safety certified control system is done here in order to provide a realistic discussion of the risk that a hacker could endanger, even kill people or harm the environment by such means. The security discussion here is done from a practical hacker's point of view instead of an analytic categorization. We show that even if there are known issues of using these outside a protected network, the challenges that a hostile hacker faces are much larger than a typical case. Most safety communication protocols are a vulnerable point in the system, with higher risk of dangerous compromising than the safety devices. We show that the most likely outcome of hacking a safety system is bringing the system to fail safe state, harming the availability instead of the safety.
引用
收藏
页数:4
相关论文
共 50 条
  • [1] Quantitative security and safety analysis with attack-fault trees
    Kumar, Rajesh
    Stoelinga, Marielle
    2017 IEEE 18TH INTERNATIONAL SYMPOSIUM ON HIGH ASSURANCE SYSTEMS ENGINEERING (HASE 2017), 2017, : 25 - 32
  • [2] Security Analysis of IoT Systems Using Attack Trees
    Beaulaton, Delphine
    Said, Najah Ben
    Cristescu, Ioana
    Sadou, Salah
    GRAPHICAL MODELS FOR SECURITY, GRAMSEC 2019, 2019, 11720 : 68 - 94
  • [3] Nuclear Multiscale Systems Analysis for Safety and Security
    Pourgol-Mohammad, Mohammad
    Cizelj, Leon
    ASCE-ASME JOURNAL OF RISK AND UNCERTAINTY IN ENGINEERING SYSTEMS PART B-MECHANICAL ENGINEERING, 2018, 4 (03):
  • [4] Behavior Analysis for Safety and Security in Automotive Systems
    Rieke, Roland
    Seidemann, Marc
    Talla, Elise Kengni
    Zelle, Daniel
    Seeger, Bernhard
    2017 25TH EUROMICRO INTERNATIONAL CONFERENCE ON PARALLEL, DISTRIBUTED AND NETWORK-BASED PROCESSING (PDP 2017), 2017, : 381 - 385
  • [5] Joint Safety and Security Analysis for Complex Systems
    Bezzateev, Sergey
    Voloshina, Natalia
    Sankin, Petr
    PROCEEDINGS OF THE 2013 13TH CONFERENCE OF OPEN INNOVATIONS ASSOCIATION (FRUCT), 2013, : 3 - 13
  • [6] Attacks on ML Systems: From Security Analysis to Attack Mitigation
    Zou, Qingtian
    Zhang, Lan
    Singhal, Anoop
    Sun, Xiaoyan
    Liu, Peng
    INFORMATION SYSTEMS SECURITY, ICISS 2022, 2022, 13784 : 119 - 138
  • [7] Security Attack Analysis Using Attack Patterns
    Li, Tong
    Paja, Elda
    Mylopoulos, John
    Horkoff, Jennifer
    Beckers, Kristian
    2016 IEEE TENTH INTERNATIONAL CONFERENCE ON RESEARCH CHALLENGES IN INFORMATION SCIENCE (RCIS), 2016, : 513 - 525
  • [8] A safety/security risk analysis approach of Industrial Control Systems: A cyber bowtie - combining new version of attack tree with bowtie analysis
    Abdo, H.
    Kaouk, M.
    Flaus, J. -M.
    Masse, F.
    COMPUTERS & SECURITY, 2018, 72 : 175 - 195
  • [9] Use of Attack Graphs in Security Systems
    Shandilya, Vivek
    Simmons, Chris B.
    Shiva, Sajjan
    JOURNAL OF COMPUTER NETWORKS AND COMMUNICATIONS, 2014, 2014 (2014)
  • [10] Security Analysis of Information Systems Based on Attack Sequences Generation and Testing
    Kryukov, Roman
    Doynikova, Elena
    Kotenko, Igor
    INTELLIGENT DISTRIBUTED COMPUTING XIV, 2022, 1026 : 427 - 437
12345