Cyber incident exercise for safety protection in critical infrastructure
Free (open access)
Volume 8 (2018), Issue 2
246 - 257
YUITAKA OTA, TOMOMI AOYAMA, DAVAAADORJ NYAMBAYAR & ICHIRO KOSHIJIMA
Many companies, especially those that own critical infrastructure (CI), must prepare processes to cope with serious incidents before they happen. Conventional safety countermeasures already developed a priori to deal with expected problems, such as machinery malfunction, natural disasters and human errors. Field operators also are well trained against such problems. In recent years, however, cyber-attacks have emerged as a ‘clear and present danger’ and have rendered CI uncertain and unsafe through industrial control systems (ICSs). Thus, CI owners should now prepare countermeasures to ensure the safety and security of ICSs. Unfortunately, responding to situations without experience and developing adequate countermeasures is a difficult challenge. A certain resilience must be developed that gives the actors the ability to flexibly cope with a crisis and quickly recover to a safer state. In CI systems, field operators are the most important element for dynamically managing ICS emergency response.
In this paper, the authors would like to discuss the following two problems:
1. Simultaneous achievement framework of safety and security in ICSs
2. Personnel training methodology based on the above framework
Also, we present an illustrative example of the proposed framework and methods based on exercises in which almost 200 CI personnel and security experts participated.
cyber-incident, personnel training, ICS-SIRT