An Attack Analysis of Managed Pressure Drilling Systems on Oil Drilling Platforms

Richard McEvoy, Stephen D. Wolthusen

Research output: Chapter in Book/Report/Conference proceedingConference contribution


Oil rig systems are frequently assumed to be isolated from external
networks and so secure from malicious software attacks. Integrated
operations and the import of mobile devices and removable media undermine
this assumption. A successful attack on a drilling operation could be
devastating in human, environmental, economic and reputational terms.
A number of threat sources can easily be identified.We therefore propose
the use of Causal Bayesian Networks to analyse probable attack strategies
on a managed pressure drilling (MPD) system, where the attacker aims to
maximise impact, while minimising attribution. Our results can be used
to inform company representatives and operators of likely risk factors and
highlight requirements for the successful diagnosis and recovery of well
control incidents stemming from cyber causes.
Original languageEnglish
Title of host publicationProceedings of the 9th International Workshop on Critical Information Infrastructures Security
Publication statusAccepted/In press - 2014

Cite this