用于威胁建模和攻击矢量分析的火力发电厂硬件在环 (HIL) 试验台设计

IF 4.1 3区工程技术 Q1 COMPUTER SCIENCE, INFORMATION SYSTEMS

International Journal of Critical Infrastructure Protection Pub Date : 2024-04-17 DOI:10.1016/j.ijcip.2024.100675

Midhya Mathew , Faruk Kazi

{"title":"用于威胁建模和攻击矢量分析的火力发电厂硬件在环 (HIL) 试验台设计","authors":"Midhya Mathew , Faruk Kazi","doi":"10.1016/j.ijcip.2024.100675","DOIUrl":null,"url":null,"abstract":"<div><p>Industrial control systems (ICSs) are extensively utilized worldwide to control and regulate various processes in energy utilities. It consists of various field devices, control and monitoring devices and communication devices. This paper focuses on the testing and analysis of various attack vectors that could potentially occur in a hardware-in-loop (HIL) Industrial Control System (ICS) testbed designed for a 500 MW thermal power plant. In this testbed, four typical process scenarios have been identified that can be manipulated through cyber-attacks, leading to severe issues such as plant shutdown or even explosions. The four significant plant scenarios recognized include minimal coal mill levels and increased temperatures in the classifier, heightened primary airflow to the coal mill, the tripping of an ID fan, and adjustment of the Super-heater temperature to its lowest setting. Also, we utilize the STRIDE threat modeling methodology to accurately represents the elements of Cyber-Physical Systems (CPS), their inter-dependencies, and the potential attack entry points and system vulnerabilities.</p></div>","PeriodicalId":49057,"journal":{"name":"International Journal of Critical Infrastructure Protection","volume":"45 ","pages":"Article 100675"},"PeriodicalIF":4.1000,"publicationDate":"2024-04-17","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":"{\"title\":\"Hardware-in-Loop (HIL) Testbed Design of Thermal Power Plant for Threat Modeling and Attack Vector Analysis\",\"authors\":\"Midhya Mathew , Faruk Kazi\",\"doi\":\"10.1016/j.ijcip.2024.100675\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"<div><p>Industrial control systems (ICSs) are extensively utilized worldwide to control and regulate various processes in energy utilities. It consists of various field devices, control and monitoring devices and communication devices. This paper focuses on the testing and analysis of various attack vectors that could potentially occur in a hardware-in-loop (HIL) Industrial Control System (ICS) testbed designed for a 500 MW thermal power plant. In this testbed, four typical process scenarios have been identified that can be manipulated through cyber-attacks, leading to severe issues such as plant shutdown or even explosions. The four significant plant scenarios recognized include minimal coal mill levels and increased temperatures in the classifier, heightened primary airflow to the coal mill, the tripping of an ID fan, and adjustment of the Super-heater temperature to its lowest setting. Also, we utilize the STRIDE threat modeling methodology to accurately represents the elements of Cyber-Physical Systems (CPS), their inter-dependencies, and the potential attack entry points and system vulnerabilities.</p></div>\",\"PeriodicalId\":49057,\"journal\":{\"name\":\"International Journal of Critical Infrastructure Protection\",\"volume\":\"45 \",\"pages\":\"Article 100675\"},\"PeriodicalIF\":4.1000,\"publicationDate\":\"2024-04-17\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"0\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"International Journal of Critical Infrastructure Protection\",\"FirstCategoryId\":\"5\",\"ListUrlMain\":\"https://www.sciencedirect.com/science/article/pii/S1874548224000167\",\"RegionNum\":3,\"RegionCategory\":\"工程技术\",\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"Q1\",\"JCRName\":\"COMPUTER SCIENCE, INFORMATION SYSTEMS\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"International Journal of Critical Infrastructure Protection","FirstCategoryId":"5","ListUrlMain":"https://www.sciencedirect.com/science/article/pii/S1874548224000167","RegionNum":3,"RegionCategory":"工程技术","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q1","JCRName":"COMPUTER SCIENCE, INFORMATION SYSTEMS","Score":null,"Total":0}

引用次数: 0

摘要

工业控制系统（ICS）在全球范围内被广泛用于控制和调节能源公用事业中的各种流程。它由各种现场设备、控制和监控设备以及通信设备组成。本文的重点是测试和分析在为 500 兆瓦火力发电厂设计的硬件在环 (HIL) 工业控制系统 (ICS) 测试平台中可能出现的各种攻击向量。在该测试平台中，确定了四种典型的流程场景，可通过网络攻击进行操纵，从而导致严重问题，如工厂停工甚至爆炸。这四种重要的工厂场景包括：磨煤机煤位极低、分级机温度升高、磨煤机一次风量增大、ID 风机跳闸以及将超级加热器温度调整到最低设置。此外，我们还利用 STRIDE 威胁建模方法来准确表示网络物理系统 (CPS) 的要素、相互依赖关系以及潜在的攻击入口点和系统漏洞。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

查看原文本刊更多论文

Hardware-in-Loop (HIL) Testbed Design of Thermal Power Plant for Threat Modeling and Attack Vector Analysis

Industrial control systems (ICSs) are extensively utilized worldwide to control and regulate various processes in energy utilities. It consists of various field devices, control and monitoring devices and communication devices. This paper focuses on the testing and analysis of various attack vectors that could potentially occur in a hardware-in-loop (HIL) Industrial Control System (ICS) testbed designed for a 500 MW thermal power plant. In this testbed, four typical process scenarios have been identified that can be manipulated through cyber-attacks, leading to severe issues such as plant shutdown or even explosions. The four significant plant scenarios recognized include minimal coal mill levels and increased temperatures in the classifier, heightened primary airflow to the coal mill, the tripping of an ID fan, and adjustment of the Super-heater temperature to its lowest setting. Also, we utilize the STRIDE threat modeling methodology to accurately represents the elements of Cyber-Physical Systems (CPS), their inter-dependencies, and the potential attack entry points and system vulnerabilities.

求助全文

通过发布文献求助，成功后即可免费获取论文全文。去求助

来源期刊

International Journal of Critical Infrastructure Protection COMPUTER SCIENCE, INFORMATION SYSTEMS-ENGINEERING, MULTIDISCIPLINARY

CiteScore

8.90

自引率

5.60%

发文量

审稿时长

>12 weeks

期刊介绍： The International Journal of Critical Infrastructure Protection (IJCIP) was launched in 2008, with the primary aim of publishing scholarly papers of the highest quality in all areas of critical infrastructure protection. Of particular interest are articles that weave science, technology, law and policy to craft sophisticated yet practical solutions for securing assets in the various critical infrastructure sectors. These critical infrastructure sectors include: information technology, telecommunications, energy, banking and finance, transportation systems, chemicals, critical manufacturing, agriculture and food, defense industrial base, public health and health care, national monuments and icons, drinking water and water treatment systems, commercial facilities, dams, emergency services, nuclear reactors, materials and waste, postal and shipping, and government facilities. Protecting and ensuring the continuity of operation of critical infrastructure assets are vital to national security, public health and safety, economic vitality, and societal wellbeing. The scope of the journal includes, but is not limited to: 1. Analysis of security challenges that are unique or common to the various infrastructure sectors. 2. Identification of core security principles and techniques that can be applied to critical infrastructure protection. 3. Elucidation of the dependencies and interdependencies existing between infrastructure sectors and techniques for mitigating the devastating effects of cascading failures. 4. Creation of sophisticated, yet practical, solutions, for critical infrastructure protection that involve mathematical, scientific and engineering techniques, economic and social science methods, and/or legal and public policy constructs.