Rajeevan Arunthavanathan , Faisal Khan , Zaman Sajid , Md. Tanjin Amin , Kalyan Raj Kota , Shreyas Kumar
{"title":"Are the processing facilities safe and secured against cyber threats?","authors":"Rajeevan Arunthavanathan , Faisal Khan , Zaman Sajid , Md. Tanjin Amin , Kalyan Raj Kota , Shreyas Kumar","doi":"10.1016/j.ress.2025.111011","DOIUrl":null,"url":null,"abstract":"<div><div>Most processing facilities, including those in the chemical, petrochemical, and mineral industries, aim to operate as cyber-physical systems to achieve higher plant efficiency, productivity, and, in some cases, safety. However, this digital transformation increases the vulnerability of process control systems to cyber-attacks, which can disrupt operations and lead to catastrophic consequences. Traditional approaches often consider cybersecurity solely as an Information Technology (IT) issue, overlooking the critical role of Operational Technology (OT) in managing cyber threats and ensuring plant resilience. This article reviews OT cybersecurity challenges and solutions, culminating in developing a robust OT-specific cybersecurity framework. The proposed framework integrates threat modeling, real-time attack detection, and real-time mitigation to protect physical plant operations while ensuring operational continuity. Unlike existing models, the proposed framework bridges the safety-security gap by combining IT-driven cybersecurity strategies with OT-specific risk management and defense mechanisms. Key features of the framework include layered defense mechanisms, adaptive response strategies, and risk-based prioritization, all of which collectively strengthen resilience against advanced cyber threats. By systematically reviewing current cybersecurity practices and proposing a comprehensive framework, this study further recommends approaches to enhance scalability and practical applicability for advancing cybersecurity in process plant operations. The findings underscore the necessity of integrating IT and OT cybersecurity strategies to ensure industrial safety, security, and uninterrupted operations.</div></div>","PeriodicalId":54500,"journal":{"name":"Reliability Engineering & System Safety","volume":"260 ","pages":"Article 111011"},"PeriodicalIF":9.4000,"publicationDate":"2025-03-08","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Reliability Engineering & System Safety","FirstCategoryId":"5","ListUrlMain":"https://www.sciencedirect.com/science/article/pii/S0951832025002121","RegionNum":1,"RegionCategory":"工程技术","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q1","JCRName":"ENGINEERING, INDUSTRIAL","Score":null,"Total":0}
引用次数: 0
Abstract
Most processing facilities, including those in the chemical, petrochemical, and mineral industries, aim to operate as cyber-physical systems to achieve higher plant efficiency, productivity, and, in some cases, safety. However, this digital transformation increases the vulnerability of process control systems to cyber-attacks, which can disrupt operations and lead to catastrophic consequences. Traditional approaches often consider cybersecurity solely as an Information Technology (IT) issue, overlooking the critical role of Operational Technology (OT) in managing cyber threats and ensuring plant resilience. This article reviews OT cybersecurity challenges and solutions, culminating in developing a robust OT-specific cybersecurity framework. The proposed framework integrates threat modeling, real-time attack detection, and real-time mitigation to protect physical plant operations while ensuring operational continuity. Unlike existing models, the proposed framework bridges the safety-security gap by combining IT-driven cybersecurity strategies with OT-specific risk management and defense mechanisms. Key features of the framework include layered defense mechanisms, adaptive response strategies, and risk-based prioritization, all of which collectively strengthen resilience against advanced cyber threats. By systematically reviewing current cybersecurity practices and proposing a comprehensive framework, this study further recommends approaches to enhance scalability and practical applicability for advancing cybersecurity in process plant operations. The findings underscore the necessity of integrating IT and OT cybersecurity strategies to ensure industrial safety, security, and uninterrupted operations.
期刊介绍:
Elsevier publishes Reliability Engineering & System Safety in association with the European Safety and Reliability Association and the Safety Engineering and Risk Analysis Division. The international journal is devoted to developing and applying methods to enhance the safety and reliability of complex technological systems, like nuclear power plants, chemical plants, hazardous waste facilities, space systems, offshore and maritime systems, transportation systems, constructed infrastructure, and manufacturing plants. The journal normally publishes only articles that involve the analysis of substantive problems related to the reliability of complex systems or present techniques and/or theoretical results that have a discernable relationship to the solution of such problems. An important aim is to balance academic material and practical applications.