IDEAS home Printed from https://ideas.repec.org/a/eee/reensy/v260y2025ics0951832025002121.html
   My bibliography  Save this article

Are the processing facilities safe and secured against cyber threats?

Author

Listed:
  • Arunthavanathan, Rajeevan
  • Khan, Faisal
  • Sajid, Zaman
  • Amin, Md. Tanjin
  • Kota, Kalyan Raj
  • Kumar, Shreyas

Abstract

Most processing facilities, including those in the chemical, petrochemical, and mineral industries, aim to operate as cyber-physical systems to achieve higher plant efficiency, productivity, and, in some cases, safety. However, this digital transformation increases the vulnerability of process control systems to cyber-attacks, which can disrupt operations and lead to catastrophic consequences. Traditional approaches often consider cybersecurity solely as an Information Technology (IT) issue, overlooking the critical role of Operational Technology (OT) in managing cyber threats and ensuring plant resilience. This article reviews OT cybersecurity challenges and solutions, culminating in developing a robust OT-specific cybersecurity framework. The proposed framework integrates threat modeling, real-time attack detection, and real-time mitigation to protect physical plant operations while ensuring operational continuity. Unlike existing models, the proposed framework bridges the safety-security gap by combining IT-driven cybersecurity strategies with OT-specific risk management and defense mechanisms. Key features of the framework include layered defense mechanisms, adaptive response strategies, and risk-based prioritization, all of which collectively strengthen resilience against advanced cyber threats. By systematically reviewing current cybersecurity practices and proposing a comprehensive framework, this study further recommends approaches to enhance scalability and practical applicability for advancing cybersecurity in process plant operations. The findings underscore the necessity of integrating IT and OT cybersecurity strategies to ensure industrial safety, security, and uninterrupted operations.

Suggested Citation

  • Arunthavanathan, Rajeevan & Khan, Faisal & Sajid, Zaman & Amin, Md. Tanjin & Kota, Kalyan Raj & Kumar, Shreyas, 2025. "Are the processing facilities safe and secured against cyber threats?," Reliability Engineering and System Safety, Elsevier, vol. 260(C).
    • Handle: RePEc:eee:reensy:v:260:y:2025:i:c:s0951832025002121
    DOI: 10.1016/j.ress.2025.111011
    as

    Download full text from publisher

    File URL: http://www.sciencedirect.com/science/article/pii/S0951832025002121
    Download Restriction: Full text for ScienceDirect subscribers only
    File URL: https://libkey.io/10.1016/j.ress.2025.111011?utm_source=ideas
    LibKey link: if access is restricted and if your library uses this service, LibKey will redirect you to where you can use your library subscription to access this item
    ---><---

    As the access to this document is restricted, you may want to search for a different version of it.

    References listed on IDEAS

    as
    1. Wang, Huaizhi & Meng, Anjian & Liu, Yitao & Fu, Xueqian & Cao, Guangzhong, 2019. "Unscented Kalman Filter based interval state estimation of cyber physical energy system for detection of dynamic attack," Energy, Elsevier, vol. 188(C).
    2. ., 2024. "Europe’s environmental transition and competitiveness," Chapters, in: Sovereign Europe, chapter 3, pages 47-64, Edward Elgar Publishing.
    3. Cao, Jingyi & Li, Dongchen & Young, Virginia R. & Zou, Bin, 2024. "Strategic underreporting and optimal deductible insurance," ASTIN Bulletin, Cambridge University Press, vol. 54(3), pages 767-790, September.
    4. Iaiani, Matteo & Fazari, Giuseppe & Tugnoli, Alessandro & Cozzani, Valerio, 2025. "Identification of reference security scenarios from past event datasets by Bayesian Network analysis," Reliability Engineering and System Safety, Elsevier, vol. 254(PB).
    5. Tian, Kun & Li, Yang & Wang, Canghong & Zhou, Tingyuan, 2024. "Corporate strategic differences and earnings management," Finance Research Letters, Elsevier, vol. 59(C).
    6. ., 2024. "European Securities and Markets Authority," Chapters, in: EU Banking and Financial Regulation, chapter 3, pages 23-34, Edward Elgar Publishing.
    7. ., 2024. "European Banking Authority," Chapters, in: EU Banking and Financial Regulation, chapter 2, pages 11-22, Edward Elgar Publishing.
    8. IAIANI, Matteo & TUGNOLI, Alessandro & BONVICINI, Sarah & COZZANI, Valerio, 2021. "Analysis of Cybersecurity-related Incidents in the Process Industry," Reliability Engineering and System Safety, Elsevier, vol. 209(C).
    9. ., 2024. "European Social Entrepreneurship Funds (EUSEF) Regulation," Chapters, in: EU Banking and Financial Regulation, chapter 39, pages 413-418, Edward Elgar Publishing.
    10. ., 2024. "Conclusion: strategy in governance for transition," Chapters, in: Strategy for Sustainability Transitions, chapter 14, pages 293-300, Edward Elgar Publishing.
    11. ., 2024. "European Central Bank," Chapters, in: EU Banking and Financial Regulation, chapter 5, pages 43-50, Edward Elgar Publishing.
    12. Sushil & Sanjay Dhir, 2024. "Strategic Alliances and Networks," Springer Books, in: Strategic Management, chapter 0, pages 213-226, Springer.
    13. Robert Grubbs & Jeremiah Stoddard & Sarah Freeman & Ron Fisher, 2021. "Evolution and Trends of Industrial Control System Cyber Incidents since 2017," Journal of Critical Infrastructure Policy, John Wiley & Sons, vol. 2(2), pages 45-79, September.
    14. ., 2024. "European Venture Capital Funds (EuVECA) Regulation," Chapters, in: EU Banking and Financial Regulation, chapter 40, pages 419-424, Edward Elgar Publishing.
    15. Iaiani, Matteo & Tugnoli, Alessandro & Macini, Paolo & Cozzani, Valerio, 2021. "Outage and asset damage triggered by malicious manipulation of the control system in process plants," Reliability Engineering and System Safety, Elsevier, vol. 213(C).
    16. ., 2024. "Europe in the new world," Chapters, in: Sovereign Europe, chapter 5, pages 85-103, Edward Elgar Publishing.
    17. Knowles, William & Prince, Daniel & Hutchison, David & Disso, Jules Ferdinand Pagna & Jones, Kevin, 2015. "A survey of cyber security management in industrial control systems," International Journal of Critical Infrastructure Protection, Elsevier, vol. 9(C), pages 52-80.
    18. Francesco Poli & Yi-Lin Li & Pravallika Naidu & Rogier B. Mars & Sabine Hunnius & Azzurra Ruggeri, 2024. "Toddlers strategically adapt their information search," Nature Communications, Nature, vol. 15(1), pages 1-10, December.
    19. ., 2024. "Service strategies in sport management," Chapters, in: Services in Sport Management, chapter 11, pages 211-224, Edward Elgar Publishing.
    20. Bolton, Matthew L. & Molinaro, Kylie A. & Houser, Adam M., 2019. "A formal method for assessing the impact of task-based erroneous human behavior on system safety," Reliability Engineering and System Safety, Elsevier, vol. 188(C), pages 168-180.
    21. Zhenze Liu & Chunyang Wang & Weiping Wang & Yang Li, 2022. "Online Cyber-Attack Detection in the Industrial Control System: A Deep Reinforcement Learning Approach," Mathematical Problems in Engineering, Hindawi, vol. 2022, pages 1-9, July.
    22. Irina Brass & Jesse H. Sowell, 2021. "Adaptive governance for the Internet of Things: Coping with emerging security risks," Regulation & Governance, John Wiley & Sons, vol. 15(4), pages 1092-1110, October.
    23. Li, Ningwei & Li, Zhihua & Liu, Hong & Yang, Qingshan, 2024. "Strategic information leakage with market supervision," The North American Journal of Economics and Finance, Elsevier, vol. 73(C).
    24. ., 2024. "European Insurance and Occupational Pensions Authority," Chapters, in: EU Banking and Financial Regulation, chapter 4, pages 35-42, Edward Elgar Publishing.
    25. Wang, Wenhao & Zhang, Qingyi & An, Pengda & Cai, Feifei, 2024. "Momentum and reversal strategies with low uncertainty," Finance Research Letters, Elsevier, vol. 68(C).
    26. ., 2024. "European Market Infrastructure Regulation (EMIR)," Chapters, in: EU Banking and Financial Regulation, chapter 29, pages 309-329, Edward Elgar Publishing.
    27. Zhao, Tianxiang & Tu, Haicheng & Jin, Rui & Xia, Yongxiang & Wang, Fangfang, 2024. "Improving resilience of cyber–physical power systems against cyber attacks through strategic energy storage deployment," Reliability Engineering and System Safety, Elsevier, vol. 252(C).
    28. ., 2024. "Americans in Europe: the established as outsider," Chapters, in: Power, Pain and Professional Cycling, chapter 10, pages 161-179, Edward Elgar Publishing.
    29. Sushil & Sanjay Dhir, 2024. "Strategic Management: In Retrospect and Prospect," Springer Books, in: Strategic Management, chapter 0, pages 3-16, Springer.
    30. Berghout, Tarek & Benbouzid, Mohamed, 2022. "EL-NAHL: Exploring labels autoencoding in augmented hidden layers of feedforward neural networks for cybersecurity in smart grids," Reliability Engineering and System Safety, Elsevier, vol. 226(C).
    31. ., 2024. "European Long-Term Investment Funds (ELTIF) Regulation," Chapters, in: EU Banking and Financial Regulation, chapter 41, pages 425-432, Edward Elgar Publishing.
    32. Barry Sheehan & Finbarr Murphy & Arash N. Kia & Ronan Kiely, 2021. "A quantitative bow-tie cyber risk classification and assessment framework," Journal of Risk Research, Taylor & Francis Journals, vol. 24(12), pages 1619-1638, December.
    33. ., 2024. "European Systemic Risk Board," Chapters, in: EU Banking and Financial Regulation, chapter 6, pages 51-54, Edward Elgar Publishing.
    34. ., 2024. "Towards European economic sovereignty," Chapters, in: Sovereign Europe, chapter 6, pages 104-116, Edward Elgar Publishing.
    35. Martin, H. & Ma, Z. & Schmittner, Ch. & Winkler, B. & Krammer, M. & Schneider, D. & Amorim, T. & Macher, G. & Kreiner, Ch., 2020. "Combined automotive safety and security pattern engineering approach," Reliability Engineering and System Safety, Elsevier, vol. 198(C).
    36. Sushil & Sanjay Dhir, 2024. "Strategic Performance Management," Springer Books, in: Strategic Management, chapter 0, pages 95-113, Springer.
    37. Hu, Xiaoxiao & Xu, Maochao & Xu, Shouhuai & Zhao, Peng, 2017. "Multiple cyber attacks against a target with observation errors and dependent outcomes: Characterization and optimization," Reliability Engineering and System Safety, Elsevier, vol. 159(C), pages 119-133.
    38. ., 2024. "The European Communities’ external action," Chapters, in: EU Trade Law, chapter 2, pages 10-26, Edward Elgar Publishing.
    39. Li, Ruiqian & Wu, Haiyun & Zhong, Ma & Lan, Hao, 2024. "Strategic tone management in ESG reports and ESG risk," International Review of Financial Analysis, Elsevier, vol. 96(PA).
    40. Sushil & Sanjay Dhir, 2024. "Strategic Entrepreneurship," Springer Books, in: Strategic Management, chapter 0, pages 57-74, Springer.
    41. Sushil & Sanjay Dhir, 2024. "Strategic Technology Management," Springer Books, in: Strategic Management, chapter 0, pages 353-369, Springer.
    42. Alif Aqsha & Fayc{c}al Drissi & Leandro S'anchez-Betancourt, 2024. "Strategic Learning and Trading in Broker-Mediated Markets," Papers 2412.20847, arXiv.org.
    43. Sushil & Sanjay Dhir, 2024. "Strategic Leadership and Corporate Governance," Springer Books, in: Strategic Management, chapter 0, pages 307-327, Springer.
    44. Wang, Wei & Cova, Gregorio & Zio, Enrico, 2022. "A clustering-based framework for searching vulnerabilities in the operation dynamics of Cyber-Physical Energy Systems," Reliability Engineering and System Safety, Elsevier, vol. 222(C).
    Full references (including those not matched with items on IDEAS)

    Most related items

    These are the items that most often cite the same works as this one and are cited by the same works as this one.
    1. Innocenti, Stefania & Bharadwaj, Preethika, 2025. "Securing Public Support for Fuel Subsidy Reform: Experimental and Policymaker Insights from Malaysia," INET Oxford Working Papers 2025-03, Institute for New Economic Thinking at the Oxford Martin School, University of Oxford.
    2. Tang, Daogui & Fang, Yi-Ping & Zio, Enrico, 2023. "Vulnerability analysis of demand-response with renewable energy integration in smart grids to cyber attacks and online detection methods," Reliability Engineering and System Safety, Elsevier, vol. 235(C).
    3. Berghout, Tarek & Benbouzid, Mohamed, 2022. "EL-NAHL: Exploring labels autoencoding in augmented hidden layers of feedforward neural networks for cybersecurity in smart grids," Reliability Engineering and System Safety, Elsevier, vol. 226(C).
    4. Liu, Qi & Sun, Ke & Liu, Wenqi & Li, Yufeng & Zheng, Xiangyu & Cao, Chenhong & Li, Jiangtao & Qin, Wutao, 2025. "Quantitative risk assessment for connected automated Vehicles: Integrating improved STPA-SafeSec and Bayesian network," Reliability Engineering and System Safety, Elsevier, vol. 253(C).
    5. Chen, Chao & Yang, Ming & Reniers, Genserik, 2021. "A dynamic stochastic methodology for quantifying HAZMAT storage resilience," Reliability Engineering and System Safety, Elsevier, vol. 215(C).
    6. Zhang, Chenwei & Wang, Ying & Zheng, Tao & Zhang, Kaifeng, 2024. "Complex network theory-based optimization for enhancing resilience of large-scale multi-energy System11The short version of the paper was presented at CUE2023. This paper is a substantial extension of," Applied Energy, Elsevier, vol. 370(C).
    7. Rodofile, Nicholas R. & Radke, Kenneth & Foo, Ernest, 2019. "Extending the cyber-attack landscape for SCADA-based critical infrastructure," International Journal of Critical Infrastructure Protection, Elsevier, vol. 25(C), pages 14-35.
    8. Diao, Xiaoxu & Zhao, Yunfei & Smidts, Carol & Vaddi, Pavan Kumar & Li, Ruixuan & Lei, Hangtian & Chakhchoukh, Yacine & Johnson, Brian & Blanc, Katya Le, 2024. "Dynamic probabilistic risk assessment for electric grid cybersecurity," Reliability Engineering and System Safety, Elsevier, vol. 241(C).
    9. Fetzer, Thiemo & Edenhofer, Jacob & Garg, Prashant, 2025. "Local decline and populism," Economics Letters, Elsevier, vol. 252(C).
    10. Kim, Hee Eun & Son, Han Seong & Kim, Jonghyun & Kang, Hyun Gook, 2017. "Systematic development of scenarios caused by cyber-attack-induced human errors in nuclear power plants," Reliability Engineering and System Safety, Elsevier, vol. 167(C), pages 290-301.
    11. Zio, E., 2018. "The future of risk assessment," Reliability Engineering and System Safety, Elsevier, vol. 177(C), pages 176-190.
    12. Jia, Chun-Xiao & Liu, Run-Ran, 2025. "Cascading dynamics in double-layer hypergraphs with higher-order inter-layer interdependencies," Reliability Engineering and System Safety, Elsevier, vol. 257(PA).
    13. Mohammed Alghassab, 2021. "Analyzing the Impact of Cybersecurity on Monitoring and Control Systems in the Energy Sector," Energies, MDPI, vol. 15(1), pages 1-21, December.
    14. Iaiani, Matteo & Tugnoli, Alessandro & Macini, Paolo & Cozzani, Valerio, 2021. "Outage and asset damage triggered by malicious manipulation of the control system in process plants," Reliability Engineering and System Safety, Elsevier, vol. 213(C).
    15. Chelouati, Mohammed & Boussif, Abderraouf & Beugin, Julie & El Koursi, El-Miloudi, 2023. "Graphical safety assurance case using Goal Structuring Notation (GSN) — challenges, opportunities and a framework for autonomous trains," Reliability Engineering and System Safety, Elsevier, vol. 230(C).
    16. Krishna Kalyanam & David Casbeer & Meir Pachter, 2020. "A sequential partial information bomber‐defender shooting problem," Naval Research Logistics (NRL), John Wiley & Sons, vol. 67(3), pages 223-235, April.
    17. Wu, Di & Xiao, Hui & Peng, Rui, 2018. "Object defense with preventive strike and false targets," Reliability Engineering and System Safety, Elsevier, vol. 169(C), pages 76-80.
    18. Du, Dajun & Zhu, Minggao & Wu, Dakui & Li, Xue & Fei, Minrui & Hu, Yukun & Li, Kang, 2024. "Distributed security state estimation-based carbon emissions and economic cost analysis for cyber–physical power systems under hybrid attacks," Applied Energy, Elsevier, vol. 353(PA).
    19. Xie, Haipeng & Tang, Lingfeng & Zhu, Hao & Cheng, Xiaofeng & Bie, Zhaohong, 2023. "Robustness assessment and enhancement of deep reinforcement learning-enabled load restoration for distribution systems," Reliability Engineering and System Safety, Elsevier, vol. 237(C).
    20. Zhang, Li & Song, Xinwei, 2025. "Managerial overconfidence and corporate digital transformation," Finance Research Letters, Elsevier, vol. 75(C).

    Corrections

    All material on this site has been provided by the respective publishers and authors. You can help correct errors and omissions. When requesting a correction, please mention this item's handle: RePEc:eee:reensy:v:260:y:2025:i:c:s0951832025002121. See general information about how to correct material in RePEc.

    If you have authored this item and are not yet registered with RePEc, we encourage you to do it here. This allows to link your profile to this item. It also allows you to accept potential citations to this item that we are uncertain about.

    If CitEc recognized a bibliographic reference but did not link an item in RePEc to it, you can help with this form .

    If you know of missing items citing this one, you can help us creating those links by adding the relevant references in the same way as above, for each refering item. If you are a registered author of this item, you may also want to check the "citations" tab in your RePEc Author Service profile, as there may be some citations waiting for confirmation.

    For technical questions regarding this item, or to correct its authors, title, abstract, bibliographic or download information, contact: Catherine Liu (email available below). General contact details of provider: https://www.journals.elsevier.com/reliability-engineering-and-system-safety .

    Please note that corrections may take a couple of weeks to filter through the various RePEc services.

    IDEAS is a RePEc service. RePEc uses bibliographic data supplied by the respective publishers.