A unified framework for safety and security assessment in critical infrastructures

摘要

The appearance of Stuxnet malware changed the idea of security on critical infrastructures greatly. However, in previous studies, cyber security issues have been addressed only from an IT security perspective, with a focus on the detection of malicious activities and the elimination of IT threats. However, these studies missed out the discussion relating to the robustness of the designed plant system. In this research, the relation between information system security and physical plant safety is defined on the basis of a novel framework. This study introduces a preliminary approach which tackles plant safety and security from a more comprehensive point of view. In this context, not only computer security is considered, but also plant availability and robustness. In particular, the presented methodology allows us to understand how unsafe activities and cyber-attacks may propagate throughout the plant system and affect the physical side of the plant.