Abstract
Oil rig systems are frequently assumed to be isolated from external
networks and so secure from malicious software attacks. Integrated
operations and the import of mobile devices and removable media undermine
this assumption. A successful attack on a drilling operation could be
devastating in human, environmental, economic and reputational terms.
A number of threat sources can easily be identified.We therefore propose
the use of Causal Bayesian Networks to analyse probable attack strategies
on a managed pressure drilling (MPD) system, where the attacker aims to
maximise impact, while minimising attribution. Our results can be used
to inform company representatives and operators of likely risk factors and
highlight requirements for the successful diagnosis and recovery of well
control incidents stemming from cyber causes.
networks and so secure from malicious software attacks. Integrated
operations and the import of mobile devices and removable media undermine
this assumption. A successful attack on a drilling operation could be
devastating in human, environmental, economic and reputational terms.
A number of threat sources can easily be identified.We therefore propose
the use of Causal Bayesian Networks to analyse probable attack strategies
on a managed pressure drilling (MPD) system, where the attacker aims to
maximise impact, while minimising attribution. Our results can be used
to inform company representatives and operators of likely risk factors and
highlight requirements for the successful diagnosis and recovery of well
control incidents stemming from cyber causes.
| Original language | English |
|---|---|
| Title of host publication | Proceedings of the 9th International Workshop on Critical Information Infrastructures Security |
| Publisher | Springer-Verlag |
| Publication status | Accepted/In press - 2014 |