A new model-based risk analysis approach that generate cyberattacks scenarios and combine them with safety risks
Résumé
For many years, the introduction of connected systems and digital technology in critical industries worldwide makes them vulnerable to cyberattacks that can lead to undesirable safety accidents. Thus, analysing these attacks becomes an important matter during risk analysis. In most proposed risk analysis approaches applied in the industries, the safety subjects are taking into consideration without analysing the cyberattack that can lead to the same dangerous phenomenon as a safety incident, the safety and security subjects are treated separately, despite the common consequences and the interdependencies between them. Therefore, there is a strong interest in the development of risk analysis approaches combining safety and security, particularly in the process industry, which is a major potential hazard for local populations and the environment. In this article, a new model-based risk analysis approach is proposed, it presents a new way to generate the cyberattacks systematically based on the modelling system architecture and a list of generic vulnerabilities encountered on industrial systems. A likelihood evaluation for these attacks is presented with their combination with the safety risks.
Fichier principal
article 195 - A new model-based risk analysis approach that generate cyberattacks scenarios and combine them with safety risks .pdf (614.46 Ko)
Télécharger le fichier
Origine : Fichiers produits par l'(les) auteur(s)