ETRI Journal (Dec 2022)

STRIDE-based threat modeling and DREAD evaluation for the distributed control system in the oil refinery

  • Kyoung Ho Kim,
  • Kyounggon Kim,
  • Huy Kang Kim

DOI
https://doi.org/10.4218/etrij.2021-0181
Journal volume & issue
Vol. 44, no. 6
pp. 991 – 1003

Abstract

Read online

Industrial control systems (ICSs) used to be operated in closed networks, that is, separated physically from the Internet and corporate networks, and independent protocols were used for each manufacturer. Thus, their operation was relatively safe from cyberattacks. However, with advances in recent technologies, such as big data and internet of things, companies have been trying to use data generated from the ICS environment to improve production yield and minimize process downtime. Thus, ICSs are being connected to the internet or corporate networks. These changes have increased the frequency of attacks on ICSs. Despite this increased cybersecurity risk, research on ICS security remains insufficient. In this paper, we analyze threats in detail using STRIDE threat analysis modeling and DREAD evaluation for distributed control systems, a type of ICSs, based on our work experience as cybersecurity specialists at a refinery. Furthermore, we verify the validity of threats identified using STRIDE through case studies of major ICS cybersecurity incidents: Stuxnet, BlackEnergy 3, and Triton. Finally, we present countermeasures and strategies to improve risk assessment of identified threats.

Keywords