Attack Tree Design and Analysis of Offshore Oil and Gas Process Complex SCADA System

M. V. V. Siva Prasad; P. S. Avadhani

Call for Paper

January Edition

IJCA solicits high quality original research papers for the upcoming January edition of the journal. The last date of research paper submission is 20 December 2024

Submit your paper

Know more

The week's pick

Improved Shuffled Frog Leaping Algorithm with Self-Adaptive Shuffling for Fuzzy Logic PD+G Controller Optimization in Robotic Manipulators

Duc Hoang Nguyen

Random Articles

A Contactless IoT based Intelligent Parking Solution for Smart Cities

Nov

2020

Performance Evaluation of 802.11 WLAN Scenarios in OPNET Modeler

May

2011

Seismic Signal Classification using Multi-Layer Perceptron Neural Network

October

2013

An Efficient Software Clone Detection System based on the Textual Comparison of Dynamic Methods and Metrics Computation

January

2014

Reseach Article

Attack Tree Design and Analysis of Offshore Oil and Gas Process Complex SCADA System

by M. V. V. Siva Prasad, P. S. Avadhani

International Journal of Computer Applications

Foundation of Computer Science (FCS), NY, USA

Volume 181 - Number 41

Year of Publication: 2019

Authors: M. V. V. Siva Prasad, P. S. Avadhani

10.5120/ijca2019918440

M. V. V. Siva Prasad, P. S. Avadhani . Attack Tree Design and Analysis of Offshore Oil and Gas Process Complex SCADA System. International Journal of Computer Applications. 181, 41 ( Feb 2019), 12-18. DOI=10.5120/ijca2019918440

@article{ 10.5120/ijca2019918440,

author = { M. V. V. Siva Prasad, P. S. Avadhani },

title = { Attack Tree Design and Analysis of Offshore Oil and Gas Process Complex SCADA System },

journal = { International Journal of Computer Applications },

issue_date = { Feb 2019 },

volume = { 181 },

number = { 41 },

month = { Feb },

year = { 2019 },

issn = { 0975-8887 },

pages = { 12-18 },

numpages = {9},

url = { https://ijcaonline.org/archives/volume181/number41/30334-2019918440/ },

doi = { 10.5120/ijca2019918440 },

publisher = {Foundation of Computer Science (FCS), NY, USA},

address = {New York, USA}

}

%0 Journal Article

%1 2024-02-07T01:08:45.756976+05:30

%A M. V. V. Siva Prasad

%A P. S. Avadhani

%T Attack Tree Design and Analysis of Offshore Oil and Gas Process Complex SCADA System

%J International Journal of Computer Applications

%@ 0975-8887

%V 181

%N 41

%P 12-18

%D 2019

%I Foundation of Computer Science (FCS), NY, USA

Abstract

Attack Trees are very important in the effort to secure Industrial Process Control Systems (ICS), because they aid directly in indicating the presence of vulnerabilities in network and how attackers use the vulnerabilities to implement an effective attack. Attack Tree design and analysis provide clues for the network security professionals on how an attacker exploits the vulnerability on the network to achieve goals. In this paper it will be illustrated for designing attack tree in Offshore Oil and Gas Process Complex SCADA System to identify various vulnerabilities. Using the vulnerabilities it presents how an attacker can take control of the SCADA system network and eventually affect hydrocarbons production.

References

B. Schneier, “Modeling security threats,” Dr. Dobb’s Journal, 1999.
Phillps C, Swiler L P, “A Graph-based System for Network Vulnerability Analysis”, Proceedings of the 1998 workshop on new security paradigms, VA, USA: ACM Press, pp. 71-79, 1998.
Meadows C, “ A Representation of protocol attacks for risk assessment”, Network Threats, DIMACS series in Discrete Mathematics and Theoretical Computer Science, Vol 38, R.N. Wright and P.G. Neumann editors, American Mathematical Society, PP 1-10.
J, Ramakrishman C, Skar R, “Model-based Vulnerability Analysis of Computer Systems”, Proceedings of the 2nd International Workshop on Verification, Pisa, Italy: Model Checking and Abstract Interpretation Press, pp. 1-81, 1998.
Ammann P, Pamuls J, Ritchev R, “A Host Based Approach to Network Attack Chaining Analysis”, Proceedings of the 21st Annual Computer Security Applications Conference, Tucson, Arizona, USA: IEEE Computer Society Press, pp. 72-84, 2005
N. Poolsappasit, R. Dewri, and I. Ray, “Dynamic security risk management using Bayesian attack graphs,” IEEE Transactions on Dependable and Secure Computing, vol. 9, no. 1, pp. 61–74, 2012.
B. Ivanc and T. Klobucar, “Critical infrastructure attack modeling,” Elektrotehniski Vestnik, vol. 79, no. 4, pp. 193–196, 2012.re
SecurI Tree, Amaneza Tech Limited, A Quick Tour of Attack Tree Based Risk Analysis using SecurI Tree, Technical report, 2002.
Alexander Opel, “Design and Implementation of a Support Tool for Attack Trees, 2005.
TANAT Threat ANd Attack Tree Modeling Plus Simulation, 2004, http://www13.informatik.tu-muenchen.de:8080/tanat.
Stefan Einarsson and Marvin Rausand “An Approach to Vulnerability Analysis of complex industrial systems, Risk Analysis, 18(5): 535-545, 1998.
Jan Stefan and Markus Schumacher, “Collaborative attack modeling in Proc.SAC 2002, pages 253-259, ACM 2002.
J.P.Mcdermott, “Attack net penetration testing in Proc.2000, workshop on security paradigm, pages 15-20, ACM 2001.
Mauw S., Oostdijk M.(2006)Foundations of Attack Trees. In: Won D.H., Kim S.(eds) Information Security and Cryptology – ICISC 2005. ICISC 2005. Lecture notes in Computer Science, vol 3935. Springer, Berlin, Heidelberg.

Index Terms

Computer Science

Information Sciences

Keywords

ICS SCADA MTU TDMA RTU