Process-Aware cyberattacks for thermal desalination plants

Prashant Rajput, Pankaj Rajput, Marios Sazos, Michail Maniatakos

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Abstract

In 2017, desalination industry was contracted to produce 99.8 million m3/d of fresh water globally. In regions with a natural shortage of fresh water, desalination contributes up to 70% of drinking water. While state-of-the-art research has focused on securing the power grid, water treatment plants, and other critical infrastructure, not much attention has been given towards desalination plants. In this work, we perform interdisciplinary cyber threat analysis on a desalination plant model, presenting cyberattacks and analyzing their effect on the plant performance and equipment both from economics and mechanical engineering perspective. Our analysis shows that cyber actors can perform extensive financial damage by affecting the performance of the plant. We also perform control volume analysis and finite element analysis studies to investigate the possibility of Stuxnet-like attacks with the potential to cause mechanical damage and equipment failure.

Original languageEnglish (US)
Title of host publicationAsiaCCS 2019 - Proceedings of the 2019 ACM Asia Conference on Computer and Communications Security
PublisherAssociation for Computing Machinery, Inc
Pages441-452
Number of pages12
ISBN (Electronic)9781450367523
DOIs
StatePublished - Jul 2 2019
Event2019 ACM Asia Conference on Computer and Communications Security, AsiaCCS 2019 - Auckland, New Zealand
Duration: Jul 9 2019Jul 12 2019

Publication series

NameAsiaCCS 2019 - Proceedings of the 2019 ACM Asia Conference on Computer and Communications Security

Conference

Conference2019 ACM Asia Conference on Computer and Communications Security, AsiaCCS 2019
CountryNew Zealand
CityAuckland
Period7/9/197/12/19

Fingerprint

Desalination
Critical infrastructures
Water treatment plants
Mechanical engineering
Potable water
Water
Finite element method
Economics
Hot Temperature
Industry

Keywords

  • Cyber security
  • Desalination
  • Finite element analysis
  • Industrial control systems
  • Process aware attacks

ASJC Scopus subject areas

  • Software
  • Computer Networks and Communications
  • Computer Science Applications

Cite this

Rajput, P., Rajput, P., Sazos, M., & Maniatakos, M. (2019). Process-Aware cyberattacks for thermal desalination plants. In AsiaCCS 2019 - Proceedings of the 2019 ACM Asia Conference on Computer and Communications Security (pp. 441-452). (AsiaCCS 2019 - Proceedings of the 2019 ACM Asia Conference on Computer and Communications Security). Association for Computing Machinery, Inc. https://doi.org/10.1145/3321705.3329805

Process-Aware cyberattacks for thermal desalination plants. / Rajput, Prashant; Rajput, Pankaj; Sazos, Marios; Maniatakos, Michail.

AsiaCCS 2019 - Proceedings of the 2019 ACM Asia Conference on Computer and Communications Security. Association for Computing Machinery, Inc, 2019. p. 441-452 (AsiaCCS 2019 - Proceedings of the 2019 ACM Asia Conference on Computer and Communications Security).

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Rajput, P, Rajput, P, Sazos, M & Maniatakos, M 2019, Process-Aware cyberattacks for thermal desalination plants. in AsiaCCS 2019 - Proceedings of the 2019 ACM Asia Conference on Computer and Communications Security. AsiaCCS 2019 - Proceedings of the 2019 ACM Asia Conference on Computer and Communications Security, Association for Computing Machinery, Inc, pp. 441-452, 2019 ACM Asia Conference on Computer and Communications Security, AsiaCCS 2019, Auckland, New Zealand, 7/9/19. https://doi.org/10.1145/3321705.3329805
Rajput P, Rajput P, Sazos M, Maniatakos M. Process-Aware cyberattacks for thermal desalination plants. In AsiaCCS 2019 - Proceedings of the 2019 ACM Asia Conference on Computer and Communications Security. Association for Computing Machinery, Inc. 2019. p. 441-452. (AsiaCCS 2019 - Proceedings of the 2019 ACM Asia Conference on Computer and Communications Security). https://doi.org/10.1145/3321705.3329805
Rajput, Prashant ; Rajput, Pankaj ; Sazos, Marios ; Maniatakos, Michail. / Process-Aware cyberattacks for thermal desalination plants. AsiaCCS 2019 - Proceedings of the 2019 ACM Asia Conference on Computer and Communications Security. Association for Computing Machinery, Inc, 2019. pp. 441-452 (AsiaCCS 2019 - Proceedings of the 2019 ACM Asia Conference on Computer and Communications Security).
@inproceedings{947c61a951484ad1ab64d835f1f746ee,
title = "Process-Aware cyberattacks for thermal desalination plants",
abstract = "In 2017, desalination industry was contracted to produce 99.8 million m3/d of fresh water globally. In regions with a natural shortage of fresh water, desalination contributes up to 70{\%} of drinking water. While state-of-the-art research has focused on securing the power grid, water treatment plants, and other critical infrastructure, not much attention has been given towards desalination plants. In this work, we perform interdisciplinary cyber threat analysis on a desalination plant model, presenting cyberattacks and analyzing their effect on the plant performance and equipment both from economics and mechanical engineering perspective. Our analysis shows that cyber actors can perform extensive financial damage by affecting the performance of the plant. We also perform control volume analysis and finite element analysis studies to investigate the possibility of Stuxnet-like attacks with the potential to cause mechanical damage and equipment failure.",
keywords = "Cyber security, Desalination, Finite element analysis, Industrial control systems, Process aware attacks",
author = "Prashant Rajput and Pankaj Rajput and Marios Sazos and Michail Maniatakos",
year = "2019",
month = "7",
day = "2",
doi = "10.1145/3321705.3329805",
language = "English (US)",
series = "AsiaCCS 2019 - Proceedings of the 2019 ACM Asia Conference on Computer and Communications Security",
publisher = "Association for Computing Machinery, Inc",
pages = "441--452",
booktitle = "AsiaCCS 2019 - Proceedings of the 2019 ACM Asia Conference on Computer and Communications Security",

}

TY - GEN

T1 - Process-Aware cyberattacks for thermal desalination plants

AU - Rajput, Prashant

AU - Rajput, Pankaj

AU - Sazos, Marios

AU - Maniatakos, Michail

PY - 2019/7/2

Y1 - 2019/7/2

N2 - In 2017, desalination industry was contracted to produce 99.8 million m3/d of fresh water globally. In regions with a natural shortage of fresh water, desalination contributes up to 70% of drinking water. While state-of-the-art research has focused on securing the power grid, water treatment plants, and other critical infrastructure, not much attention has been given towards desalination plants. In this work, we perform interdisciplinary cyber threat analysis on a desalination plant model, presenting cyberattacks and analyzing their effect on the plant performance and equipment both from economics and mechanical engineering perspective. Our analysis shows that cyber actors can perform extensive financial damage by affecting the performance of the plant. We also perform control volume analysis and finite element analysis studies to investigate the possibility of Stuxnet-like attacks with the potential to cause mechanical damage and equipment failure.

AB - In 2017, desalination industry was contracted to produce 99.8 million m3/d of fresh water globally. In regions with a natural shortage of fresh water, desalination contributes up to 70% of drinking water. While state-of-the-art research has focused on securing the power grid, water treatment plants, and other critical infrastructure, not much attention has been given towards desalination plants. In this work, we perform interdisciplinary cyber threat analysis on a desalination plant model, presenting cyberattacks and analyzing their effect on the plant performance and equipment both from economics and mechanical engineering perspective. Our analysis shows that cyber actors can perform extensive financial damage by affecting the performance of the plant. We also perform control volume analysis and finite element analysis studies to investigate the possibility of Stuxnet-like attacks with the potential to cause mechanical damage and equipment failure.

KW - Cyber security

KW - Desalination

KW - Finite element analysis

KW - Industrial control systems

KW - Process aware attacks

UR - http://www.scopus.com/inward/record.url?scp=85069965262&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=85069965262&partnerID=8YFLogxK

U2 - 10.1145/3321705.3329805

DO - 10.1145/3321705.3329805

M3 - Conference contribution

AN - SCOPUS:85069965262

T3 - AsiaCCS 2019 - Proceedings of the 2019 ACM Asia Conference on Computer and Communications Security

SP - 441

EP - 452

BT - AsiaCCS 2019 - Proceedings of the 2019 ACM Asia Conference on Computer and Communications Security

PB - Association for Computing Machinery, Inc

ER -