research-article

Open access

What happens in a control room during a cybersecurity attack?: Preliminary observations from a pilot study

Authors:

Espen Nystad,

Vikash Katta,

John Eidar SimensenAuthors Info & Claims

ICSEW'20: Proceedings of the IEEE/ACM 42nd International Conference on Software Engineering Workshops

Pages 270 - 275

https://doi.org/10.1145/3387940.3391454

Published: 25 September 2020 Publication History

PDF eReader

Abstract

Cyberattacks on the critical infrastructure is a growing concern for businesses, national authorities and public in general. The increasing complexity and connectivity of the critical infrastructure systems have made them susceptible to cyberattacks. The traditional notion of safety systems being isolated is no longer applicable, as we have seen ample examples on how these systems can be exploited through gaps in e.g. supply chain, physical security, insiders. This places greater importance on how the staff belonging to owners and operators of these critical infrastructure, e.g. operators, IT/security personnel, system engineers, management, are prepared to handle cyberattacks. This paper presents our ongoing research on investigating the preparedness of organisations to handle cybersecurity incidents and providing holistic solutions to improve cybersecurity posture. We present one experiment that has been conducted using our cybersecurity centre and man-machine laboratory to study how operators and security team of a power plant will handle a cyberattack. We highlight the main observations made through this experiment.

References

[1]

Gyrd Skraaning Jr and Andreas Bye, 2011. The purpose of HAMMLAB and the theoretical basis for experimental research. In Ann Britt Skjerve and Andreas Bye, (Eds.), Simulator-based human factors studies across 25 years: The history of the Halden man-machine laboratory. London: Springer-Verlag.

Google Scholar

[2]

Vikash Katta, Fabien Sechi, Per-Arne Jørgensen, Stine Strand, Per Axel Wiig, John Eidar Simensen, and Siv Hilde Houmb. 2019. Establishing a Cybersecurity Centre for Industrial Control Systems, In the proceedings of the 29th European Safety and Reliability Conference (ESREL '19).

Crossref

Google Scholar

[3]

George McCullough, 2019. Experiment data collection methodology for application in crew debriefs. 2019 Conference on nuclear training and education, Feb. 5-7, 2019. St. Augustine, FL. American Nuclear Society.

Google Scholar

[4]

Christopher Poresky, Charalampos Andreades, James Kendrick and Per Peterson, 2017. Cybersecurity in Nuclear Power Plants: Insights for Advanced Nuclear Technologies.

Crossref

Google Scholar

[5]

IEC, 2016. IEC 62859:2016, Nuclear power plants - Instrumentation and control systems - Requirements for coordinating safety and cybersecurity. International Electrotechnical Commission.

Google Scholar

[6]

IEC, 2019. IEC 62859:2016+A1:2019. Nuclear power plants - Instrumentation and control systems - Requirements for coordinating safety and cybersecurity. International Electrotechnical Commission

Google Scholar

[7]

Alexandra van Dine, Michael Assante and Page Stoutland, 2016. Outpacing cyber threats: Priorities for cybersecurity at nuclear facilities. Nuclear Threat Initiative.

Google Scholar

[8]

Paul Cichonski, Tom Millar, Tim Grance, and Karen Scarfone, 2012. Computer security handling guide. Recommendations of the National Institute of Standards and Technology. Special publication 800--61. National Institute of Standards and Technology

Google Scholar

Cited By

View all

Gnanasekaran VBartnes MGrotan THeegaard P(2024)Cyber-incident Response in Industrial Control Systems: Practices and Challenges in the Petroleum IndustryProceedings of the 2024 ACM/IEEE 4th International Workshop on Engineering and Cybersecurity of Critical Systems (EnCyCriS) and 2024 IEEE/ACM Second International Workshop on Software Vulnerability10.1145/3643662.3643958(53-60)Online publication date: 15-Apr-2024
https://dl.acm.org/doi/10.1145/3643662.3643958
Zhang JLi ZChen RHan WHu NZhang Y(2024)A Survey of Cyber Range: Current Status, Analysis, and Future TrendsNetwork Simulation and Evaluation10.1007/978-981-97-4522-7_6(88-101)Online publication date: 2-Aug-2024
https://doi.org/10.1007/978-981-97-4522-7_6
Samita SChhabra IGautam N(2022)Survey Paper on IoT based Intrusion Detection System: Datasets and Techniques2022 3rd International Conference on Computing, Analytics and Networks (ICAN)10.1109/ICAN56228.2022.10007244(1-9)Online publication date: 18-Nov-2022
https://doi.org/10.1109/ICAN56228.2022.10007244

Index Terms

What happens in a control room during a cybersecurity attack?: Preliminary observations from a pilot study
1. Security and privacy

Recommendations

Artificial Intelligence for next generation cybersecurity: The AI4CYBER framework
ARES '23: Proceedings of the 18th International Conference on Availability, Reliability and Security

Artificial Intelligence (AI) is playing a crucial role both in the technological advances and emerging advanced threats in cybersecurity. Despite efforts by competent authorities in Europe to regulate the use of AI in a way that aligns with the ethics ...
Security beyond cybersecurity: side-channel attacks against non-cyber systems and their countermeasures
Abstract
Side-channels are unintended pathways within target systems that leak internal information, exploitable via side-channel attack techniques that extract the target information, compromising the system’s security and privacy. Side-channel attacks ...
Cyber Attack! Is a Counter Attack Warranted?

Organizations are under constant attack by developers and users of worms, botnets, and malware. These attacks are designed to do bring down an organization's systems with denial of service attacks, install rootkits, steal intellectual or financial data, ...

Comments

Please enable JavaScript to view thecomments powered by Disqus.

Information & Contributors

Information

Published In

ICSEW'20: Proceedings of the IEEE/ACM 42nd International Conference on Software Engineering Workshops

June 2020

831 pages

ISBN:9781450379632

DOI:10.1145/3387940

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than the author(s) must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected].

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 25 September 2020

Permissions

Request permissions for this article.

Request Permissions

Check for updates

Author Tags

Qualifiers

Research-article
Research
Refereed limited

Conference

ICSE '20

Sponsor:

SIGSOFT
KIISE

ICSE '20: 42nd International Conference on Software Engineering

June 27 - July 19, 2020

Seoul, Republic of Korea

Upcoming Conference

ICSE 2025

2025 IEEE/ACM 46th International Conference on Software Engineering

April 26 - May 3, 2025

Ottawa , ON , Canada

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

3
Total Citations
View Citations
429
Total Downloads

Downloads (Last 12 months)107
Downloads (Last 6 weeks)11

Reflects downloads up to 31 Dec 2024

Other Metrics

View Author Metrics

Citations

Cited By

View all

Gnanasekaran VBartnes MGrotan THeegaard P(2024)Cyber-incident Response in Industrial Control Systems: Practices and Challenges in the Petroleum IndustryProceedings of the 2024 ACM/IEEE 4th International Workshop on Engineering and Cybersecurity of Critical Systems (EnCyCriS) and 2024 IEEE/ACM Second International Workshop on Software Vulnerability10.1145/3643662.3643958(53-60)Online publication date: 15-Apr-2024
https://dl.acm.org/doi/10.1145/3643662.3643958
Zhang JLi ZChen RHan WHu NZhang Y(2024)A Survey of Cyber Range: Current Status, Analysis, and Future TrendsNetwork Simulation and Evaluation10.1007/978-981-97-4522-7_6(88-101)Online publication date: 2-Aug-2024
https://doi.org/10.1007/978-981-97-4522-7_6
Samita SChhabra IGautam N(2022)Survey Paper on IoT based Intrusion Detection System: Datasets and Techniques2022 3rd International Conference on Computing, Analytics and Networks (ICAN)10.1109/ICAN56228.2022.10007244(1-9)Online publication date: 18-Nov-2022
https://doi.org/10.1109/ICAN56228.2022.10007244
Nystad ESimensen JRaspotnig C(2021)Investigating operative cybersecurity awareness in air traffic control2021 14th International Conference on Security of Information and Networks (SIN)10.1109/SIN54109.2021.9699158(1-8)Online publication date: 15-Dec-2021
https://doi.org/10.1109/SIN54109.2021.9699158

View Options

View options

PDF

View or Download as a PDF file.

PDF

eReader

View online with eReader.

eReader

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Cited By

Index Terms

Recommendations

Artificial Intelligence for next generation cybersecurity: The AI4CYBER framework

Security beyond cybersecurity: side-channel attacks against non-cyber systems and their countermeasures

Cyber Attack! Is a Counter Attack Warranted?