IDEAS home Printed from https://ideas.repec.org/a/eee/reensy/v113y2013icp76-93.html
   My bibliography  Save this article

Analyzing vulnerabilities between SCADA system and SUC due to interdependencies

Author

Listed:
  • Nan, Cen
  • Eusgeld, Irene
  • Kröger, Wolfgang

Abstract

Interdependencies within and among Critical Infrastructures (CIs), e.g., between Industrial Control Systems (ICSs), in particular Supervisory Control and Data Acquisition (SCADA) system, and the underlying System Under Control (SUC), have dramatically increased the overall complexity of related systems, causing the emergence of unpredictable behaviors and making them more vulnerable to cascading failures. It is vital to get a clear understanding of these often hidden interdependency issues and tackle them with advanced modeling and simulation techniques. In this paper, vulnerabilities due to interdependencies between these two exemplary systems (SCADA and SUC) are investigated and analyzed comprehensively using a modified five-step methodical framework. Furthermore, suggestions for system performance improvements based on the investigation and analysis results, which could be useful to minimize the negative effects and improve their coping capacities, are also presented in this paper.

Suggested Citation

  • Nan, Cen & Eusgeld, Irene & Kröger, Wolfgang, 2013. "Analyzing vulnerabilities between SCADA system and SUC due to interdependencies," Reliability Engineering and System Safety, Elsevier, vol. 113(C), pages 76-93.
    • Handle: RePEc:eee:reensy:v:113:y:2013:i:c:p:76-93
    DOI: 10.1016/j.ress.2012.12.014
    as

    Download full text from publisher

    File URL: http://www.sciencedirect.com/science/article/pii/S0951832013000033
    Download Restriction: Full text for ScienceDirect subscribers only
    File URL: https://libkey.io/10.1016/j.ress.2012.12.014?utm_source=ideas
    LibKey link: if access is restricted and if your library uses this service, LibKey will redirect you to where you can use your library subscription to access this item
    ---><---

    As the access to this document is restricted, you may want to search for a different version of it.

    References listed on IDEAS

    as
    1. Setola, Roberto & De Porcellinis, Stefano & Sforna, Marino, 2009. "Critical infrastructure dependency assessment using the input–output inoperability model," International Journal of Critical Infrastructure Protection, Elsevier, vol. 2(4), pages 170-178.
    2. Bobbio, A. & Bonanni, G. & Ciancamerla, E. & Clemente, R. & Iacomini, A. & Minichino, M. & Scarlatti, A. & Terruggia, R. & Zendri, E., 2010. "Unavailability of critical SCADA communication links interconnecting a power grid and a Telco network," Reliability Engineering and System Safety, Elsevier, vol. 95(12), pages 1345-1357.
    3. Eusgeld, Irene & Nan, Cen & Dietz, Sven, 2011. "“System-of-systems†approach for interdependent critical infrastructures," Reliability Engineering and System Safety, Elsevier, vol. 96(6), pages 679-686.
    4. Nai Fovino, Igor & Carcano, Andrea & Masera, Marcelo & Trombetta, Alberto, 2009. "An experimental investigation of malware attacks on SCADA systems," International Journal of Critical Infrastructure Protection, Elsevier, vol. 2(4), pages 139-145.
    5. Balducelli, C. & Bologna, S. & Lavalle, L. & Vicoli, G., 2007. "Safeguarding information intensive critical infrastructures against novel types of emerging failures," Reliability Engineering and System Safety, Elsevier, vol. 92(9), pages 1218-1229.
    6. Sergey V. Buldyrev & Roni Parshani & Gerald Paul & H. Eugene Stanley & Shlomo Havlin, 2010. "Catastrophic cascade of failures in interdependent networks," Nature, Nature, vol. 464(7291), pages 1025-1028, April.
    7. Johansson, Jonas & Hassel, Henrik, 2010. "An approach for modelling interdependent infrastructures in the context of vulnerability analysis," Reliability Engineering and System Safety, Elsevier, vol. 95(12), pages 1335-1344.
    8. He, Xuhong & Wang, Yao & Shen, Zupei & Huang, Xiangrui, 2008. "A simplified CREAM prospective quantification process and its application," Reliability Engineering and System Safety, Elsevier, vol. 93(2), pages 298-306.
    9. Konstandinidou, Myrto & Nivolianitou, Zoe & Kiranoudis, Chris & Markatos, Nikolaos, 2006. "A fuzzy modeling application of CREAM methodology for human reliability analysis," Reliability Engineering and System Safety, Elsevier, vol. 91(6), pages 706-716.
    10. Hafiz Abdur Rahman & Konstantin Beznosov & Jose R. Marti, 2009. "Identification of sources of failures and their propagation in critical infrastructures from 12 years of public failure reports," International Journal of Critical Infrastructures, Inderscience Enterprises Ltd, vol. 5(3), pages 220-244.
    11. Chloe Griot, 2010. "Modelling and simulation for critical infrastructure interdependency assessment: a meta-review for model characterisation," International Journal of Critical Infrastructures, Inderscience Enterprises Ltd, vol. 6(4), pages 363-379.
    12. S. De Porcellinis & R. Setola & S. Panzieri & G. Ulivi, 2008. "Simulation of heterogeneous and interdependent critical infrastructures," International Journal of Critical Infrastructures, Inderscience Enterprises Ltd, vol. 4(1/2), pages 110-128.
    13. Eusgeld, Irene & Kröger, Wolfgang & Sansavini, Giovanni & Schläpfer, Markus & Zio, Enrico, 2009. "The role of network theory and object-oriented modeling within a framework for the vulnerability analysis of critical infrastructures," Reliability Engineering and System Safety, Elsevier, vol. 94(5), pages 954-963.
    Full references (including those not matched with items on IDEAS)

    Citations

    Citations are extracted by the CitEc Project, subscribe to its RSS feed for this item.
    as


    Cited by:

    1. Ouyang, Min, 2016. "Critical location identification and vulnerability analysis of interdependent infrastructure systems under spatially localized attacks," Reliability Engineering and System Safety, Elsevier, vol. 154(C), pages 106-116.
    2. J. S. Busby & B. Green & D. Hutchison, 2017. "Analysis of Affordance, Time, and Adaptation in the Assessment of Industrial Control System Cybersecurity Risk," Risk Analysis, John Wiley & Sons, vol. 37(7), pages 1298-1314, July.
    3. Ouyang, Min, 2014. "Review on modeling and simulation of interdependent critical infrastructure systems," Reliability Engineering and System Safety, Elsevier, vol. 121(C), pages 43-60.
    4. Ntalampiras, Stavros & Soupionis, Yannis & Giannopoulos, Georgios, 2015. "A fault diagnosis system for interdependent critical infrastructures based on HMMs," Reliability Engineering and System Safety, Elsevier, vol. 138(C), pages 73-81.
    5. Galbusera, Luca & Trucco, Paolo & Giannopoulos, Georgios, 2020. "Modeling interdependencies in multi-sectoral critical infrastructure systems: Evolving the DMCI approach," Reliability Engineering and System Safety, Elsevier, vol. 203(C).
    6. Zhao, Chen & Li, Nan & Fang, Dongping, 2018. "Criticality assessment of urban interdependent lifeline systems using a biased PageRank algorithm and a multilayer weighted directed network model," International Journal of Critical Infrastructure Protection, Elsevier, vol. 22(C), pages 100-112.
    7. Quan Mao & Nan Li, 2018. "Assessment of the impact of interdependencies on the resilience of networked critical infrastructure systems," Natural Hazards: Journal of the International Society for the Prevention and Mitigation of Natural Hazards, Springer;International Society for the Prevention and Mitigation of Natural Hazards, vol. 93(1), pages 315-337, August.
    8. Nan, Cen & Sansavini, Giovanni, 2015. "Multilayer hybrid modeling framework for the performance assessment of interdependent critical infrastructures," International Journal of Critical Infrastructure Protection, Elsevier, vol. 10(C), pages 18-33.
    9. Ouyang, Min, 2017. "A mathematical framework to optimize resilience of interdependent critical infrastructure systems under spatially localized attacks," European Journal of Operational Research, Elsevier, vol. 262(3), pages 1072-1084.
    10. Shafieezadeh, Abdollah & Ivey Burden, Lindsay, 2014. "Scenario-based resilience assessment framework for critical infrastructure systems: Case study for seismic resilience of seaports," Reliability Engineering and System Safety, Elsevier, vol. 132(C), pages 207-219.
    11. Bhandari, Pratik & Creighton, Douglas & Gong, Jinzhe & Boyle, Carol & Law, Kris M.Y., 2023. "Evolution of cyber-physical-human water systems: Challenges and gaps," Technological Forecasting and Social Change, Elsevier, vol. 191(C).
    12. Nan, Cen & Sansavini, Giovanni, 2017. "A quantitative method for assessing resilience of interdependent infrastructures," Reliability Engineering and System Safety, Elsevier, vol. 157(C), pages 35-53.

    Most related items

    These are the items that most often cite the same works as this one and are cited by the same works as this one.
    1. Ouyang, Min, 2014. "Review on modeling and simulation of interdependent critical infrastructure systems," Reliability Engineering and System Safety, Elsevier, vol. 121(C), pages 43-60.
    2. Abedi, Amin & Gaudard, Ludovic & Romerio, Franco, 2019. "Review of major approaches to analyze vulnerability in power system," Reliability Engineering and System Safety, Elsevier, vol. 183(C), pages 153-172.
    3. Wang, Shuliang & Hong, Liu & Chen, Xueguang, 2012. "Vulnerability analysis of interdependent infrastructure systems: A methodological framework," Physica A: Statistical Mechanics and its Applications, Elsevier, vol. 391(11), pages 3323-3335.
    4. Wu, Baichao & Tang, Aiping & Wu, Jie, 2016. "Modeling cascading failures in interdependent infrastructures under terrorist attacks," Reliability Engineering and System Safety, Elsevier, vol. 147(C), pages 1-8.
    5. Almoghathawi, Yasser & Barker, Kash & Albert, Laura A., 2019. "Resilience-driven restoration model for interdependent infrastructure networks," Reliability Engineering and System Safety, Elsevier, vol. 185(C), pages 12-23.
    6. Wang, Weiping & Yang, Saini & Hu, Fuyu & Stanley, H. Eugene & He, Shuai & Shi, Mimi, 2018. "An approach for cascading effects within critical infrastructure systems," Physica A: Statistical Mechanics and its Applications, Elsevier, vol. 510(C), pages 164-177.
    7. Almoghathawi, Yasser & Selim, Shokri & Barker, Kash, 2023. "Community structure recovery optimization for partial disruption, functionality, and restoration in interdependent networks," Reliability Engineering and System Safety, Elsevier, vol. 229(C).
    8. Nan, Cen & Sansavini, Giovanni, 2017. "A quantitative method for assessing resilience of interdependent infrastructures," Reliability Engineering and System Safety, Elsevier, vol. 157(C), pages 35-53.
    9. Wu, Bing & Yip, Tsz Leung & Yan, Xinping & Guedes Soares, C., 2022. "Review of techniques and challenges of human and organizational factors analysis in maritime transportation," Reliability Engineering and System Safety, Elsevier, vol. 219(C).
    10. Sezer, Sukru Ilke & Akyuz, Emre & Arslan, Ozcan, 2022. "An extended HEART Dempster–Shafer evidence theory approach to assess human reliability for the gas freeing process on chemical tankers," Reliability Engineering and System Safety, Elsevier, vol. 220(C).
    11. Johnson, Caroline A. & Flage, Roger & Guikema, Seth D., 2021. "Feasibility study of PRA for critical infrastructure risk analysis," Reliability Engineering and System Safety, Elsevier, vol. 212(C).
    12. Singh, Abhishek Narain & Gupta, M.P. & Ojha, Amitabh, 2014. "Identifying critical infrastructure sectors and their dependencies: An Indian scenario," International Journal of Critical Infrastructure Protection, Elsevier, vol. 7(2), pages 71-85.
    13. Rui Peng & Di Wu & Mengyao Sun & Shaomin Wu, 2021. "An attack-defense game on interdependent networks," Journal of the Operational Research Society, Taylor & Francis Journals, vol. 72(10), pages 2331-2341, October.
    14. Zio, Enrico, 2016. "Challenges in the vulnerability and risk analysis of critical infrastructures," Reliability Engineering and System Safety, Elsevier, vol. 152(C), pages 137-150.
    15. Yifan Yang & S. Thomas Ng & Frank J. Xu & Martin Skitmore & Shenghua Zhou, 2019. "Towards Resilient Civil Infrastructure Asset Management: An Information Elicitation and Analytical Framework," Sustainability, MDPI, vol. 11(16), pages 1-24, August.
    16. Ji, Xingpei & Wang, Bo & Liu, Dichen & Dong, Zhaoyang & Chen, Guo & Zhu, Zhenshan & Zhu, Xuedong & Wang, Xunting, 2016. "Will electrical cyber–physical interdependent networks undergo first-order transition under random attacks?," Physica A: Statistical Mechanics and its Applications, Elsevier, vol. 460(C), pages 235-245.
    17. Gao, Xingle & Peng, Minfang & Tse, Chi K., 2022. "Robustness analysis of cyber-coupled power systems with considerations of interdependence of structures, operations and dynamic behaviors," Physica A: Statistical Mechanics and its Applications, Elsevier, vol. 596(C).
    18. Stødle, Kaia & Metcalfe, Caroline A. & Brunner, Logan G. & Saliani, Julian N. & Flage, Roger & Guikema, Seth D., 2021. "Dependent infrastructure system modeling: A case study of the St. Kitts power and water distribution systems," Reliability Engineering and System Safety, Elsevier, vol. 209(C).
    19. Filippini, Roberto & Silva, Andrés, 2014. "A modeling framework for the resilience analysis of networked systems-of-systems based on functional dependencies," Reliability Engineering and System Safety, Elsevier, vol. 125(C), pages 82-91.
    20. Kashin Sugishita & Yasuo Asakura, 2021. "Vulnerability studies in the fields of transportation and complex networks: a citation network analysis," Public Transport, Springer, vol. 13(1), pages 1-34, March.

    Corrections

    All material on this site has been provided by the respective publishers and authors. You can help correct errors and omissions. When requesting a correction, please mention this item's handle: RePEc:eee:reensy:v:113:y:2013:i:c:p:76-93. See general information about how to correct material in RePEc.

    If you have authored this item and are not yet registered with RePEc, we encourage you to do it here. This allows to link your profile to this item. It also allows you to accept potential citations to this item that we are uncertain about.

    If CitEc recognized a bibliographic reference but did not link an item in RePEc to it, you can help with this form .

    If you know of missing items citing this one, you can help us creating those links by adding the relevant references in the same way as above, for each refering item. If you are a registered author of this item, you may also want to check the "citations" tab in your RePEc Author Service profile, as there may be some citations waiting for confirmation.

    For technical questions regarding this item, or to correct its authors, title, abstract, bibliographic or download information, contact: Catherine Liu (email available below). General contact details of provider: https://www.journals.elsevier.com/reliability-engineering-and-system-safety .

    Please note that corrections may take a couple of weeks to filter through the various RePEc services.

    IDEAS is a RePEc service. RePEc uses bibliographic data supplied by the respective publishers.