CFP last date
21 October 2024
Reseach Article

Attack Tree Design and Analysis of Offshore Oil and Gas Process Complex SCADA System

by M. V. V. Siva Prasad, P. S. Avadhani
International Journal of Computer Applications
Foundation of Computer Science (FCS), NY, USA
Volume 181 - Number 41
Year of Publication: 2019
Authors: M. V. V. Siva Prasad, P. S. Avadhani
10.5120/ijca2019918440

M. V. V. Siva Prasad, P. S. Avadhani . Attack Tree Design and Analysis of Offshore Oil and Gas Process Complex SCADA System. International Journal of Computer Applications. 181, 41 ( Feb 2019), 12-18. DOI=10.5120/ijca2019918440

@article{ 10.5120/ijca2019918440,
author = { M. V. V. Siva Prasad, P. S. Avadhani },
title = { Attack Tree Design and Analysis of Offshore Oil and Gas Process Complex SCADA System },
journal = { International Journal of Computer Applications },
issue_date = { Feb 2019 },
volume = { 181 },
number = { 41 },
month = { Feb },
year = { 2019 },
issn = { 0975-8887 },
pages = { 12-18 },
numpages = {9},
url = { https://ijcaonline.org/archives/volume181/number41/30334-2019918440/ },
doi = { 10.5120/ijca2019918440 },
publisher = {Foundation of Computer Science (FCS), NY, USA},
address = {New York, USA}
}
%0 Journal Article
%1 2024-02-07T01:08:45.756976+05:30
%A M. V. V. Siva Prasad
%A P. S. Avadhani
%T Attack Tree Design and Analysis of Offshore Oil and Gas Process Complex SCADA System
%J International Journal of Computer Applications
%@ 0975-8887
%V 181
%N 41
%P 12-18
%D 2019
%I Foundation of Computer Science (FCS), NY, USA
Abstract

Attack Trees are very important in the effort to secure Industrial Process Control Systems (ICS), because they aid directly in indicating the presence of vulnerabilities in network and how attackers use the vulnerabilities to implement an effective attack. Attack Tree design and analysis provide clues for the network security professionals on how an attacker exploits the vulnerability on the network to achieve goals. In this paper it will be illustrated for designing attack tree in Offshore Oil and Gas Process Complex SCADA System to identify various vulnerabilities. Using the vulnerabilities it presents how an attacker can take control of the SCADA system network and eventually affect hydrocarbons production.

References
  1. B. Schneier, “Modeling security threats,” Dr. Dobb’s Journal, 1999.
  2. Phillps C, Swiler L P, “A Graph-based System for Network Vulnerability Analysis”, Proceedings of the 1998 workshop on new security paradigms, VA, USA: ACM Press, pp. 71-79, 1998.
  3. Meadows C, “ A Representation of protocol attacks for risk assessment”, Network Threats, DIMACS series in Discrete Mathematics and Theoretical Computer Science, Vol 38, R.N. Wright and P.G. Neumann editors, American Mathematical Society, PP 1-10.
  4. J, Ramakrishman C, Skar R, “Model-based Vulnerability Analysis of Computer Systems”, Proceedings of the 2nd International Workshop on Verification, Pisa, Italy: Model Checking and Abstract Interpretation Press, pp. 1-81, 1998.
  5. Ammann P, Pamuls J, Ritchev R, “A Host Based Approach to Network Attack Chaining Analysis”, Proceedings of the 21st Annual Computer Security Applications Conference, Tucson, Arizona, USA: IEEE Computer Society Press, pp. 72-84, 2005
  6. N. Poolsappasit, R. Dewri, and I. Ray, “Dynamic security risk management using Bayesian attack graphs,” IEEE Transactions on Dependable and Secure Computing, vol. 9, no. 1, pp. 61–74, 2012.
  7. B. Ivanc and T. Klobucar, “Critical infrastructure attack modeling,” Elektrotehniski Vestnik, vol. 79, no. 4, pp. 193–196, 2012.re
  8. SecurI Tree, Amaneza Tech Limited, A Quick Tour of Attack Tree Based Risk Analysis using SecurI Tree, Technical report, 2002.
  9. Alexander Opel, “Design and Implementation of a Support Tool for Attack Trees, 2005.
  10. TANAT Threat ANd Attack Tree Modeling Plus Simulation, 2004, http://www13.informatik.tu-muenchen.de:8080/tanat.
  11. Stefan Einarsson and Marvin Rausand “An Approach to Vulnerability Analysis of complex industrial systems, Risk Analysis, 18(5): 535-545, 1998.
  12. Jan Stefan and Markus Schumacher, “Collaborative attack modeling in Proc.SAC 2002, pages 253-259, ACM 2002.
  13. J.P.Mcdermott, “Attack net penetration testing in Proc.2000, workshop on security paradigm, pages 15-20, ACM 2001.
  14. Mauw S., Oostdijk M.(2006)Foundations of Attack Trees. In: Won D.H., Kim S.(eds) Information Security and Cryptology – ICISC 2005. ICISC 2005. Lecture notes in Computer Science, vol 3935. Springer, Berlin, Heidelberg.
Index Terms

Computer Science
Information Sciences

Keywords

ICS SCADA MTU TDMA RTU