AutomationML Meets Bayesian Networks: A Comprehensive Safety-Security Risk Assessment in Industrial Control Systems
Industrial control systems (ICSs) play a crucial role in the smooth operation of critical infrastructures, and their increasing complexity and interconnectedness necessitate integrating safety and security measures. Thus, an integrated risk assessment approach is essential to identify and address po...
Saved in:
| Main Authors: | , , |
|---|---|
| Format: | Article |
| Language: | English |
| Published: |
IEEE
2024-01-01
|
| Series: | IEEE Open Journal of the Industrial Electronics Society |
| Subjects: | |
| Online Access: | https://ieeexplore.ieee.org/document/10623880/ |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
| _version_ | 1841526341029068800 |
|---|---|
| author | Pushparaj Bhosale Wolfgang Kastner Thilo Sauter |
| author_facet | Pushparaj Bhosale Wolfgang Kastner Thilo Sauter |
| author_sort | Pushparaj Bhosale |
| collection | DOAJ |
| description | Industrial control systems (ICSs) play a crucial role in the smooth operation of critical infrastructures, and their increasing complexity and interconnectedness necessitate integrating safety and security measures. Thus, an integrated risk assessment approach is essential to identify and address potential hazards and vulnerabilities. However, conducting such risk assessments becomes complex and challenging due to the difficulty in data availability. Acquiring data from various sources poses a significant hurdle. To address these challenges, automation markup language (AML) provides a standardized framework that facilitates the seamless exchange of engineering information. This article uses AML libraries and connection setup techniques to generate a valuable model of a single source of data for an integrated safety and security risk assessment. The automated risk assessment employs the AML model as a data source and the Bayesian belief network (BBN) as the risk assessment method. The value of risk associated with the system is calculated using the BBN models as the product of the probability of occurrence and severity. An evaluation of the proposed risk assessment method is also provided based on ISO 31000. AML's effectiveness as a valuable information model in meeting the growing need for comprehensive safety and security risk assessment in ICSs is demonstrated. |
| format | Article |
| id | doaj-art-4c4367a87ec347ae8a5cf5d6ddfd5a88 |
| institution | Kabale University |
| issn | 2644-1284 |
| language | English |
| publishDate | 2024-01-01 |
| publisher | IEEE |
| record_format | Article |
| series | IEEE Open Journal of the Industrial Electronics Society |
| spelling | doaj-art-4c4367a87ec347ae8a5cf5d6ddfd5a882025-01-17T00:00:48ZengIEEEIEEE Open Journal of the Industrial Electronics Society2644-12842024-01-01582383510.1109/OJIES.2024.343938810623880AutomationML Meets Bayesian Networks: A Comprehensive Safety-Security Risk Assessment in Industrial Control SystemsPushparaj Bhosale0https://orcid.org/0000-0001-5760-2342Wolfgang Kastner1https://orcid.org/0000-0001-5420-404XThilo Sauter2https://orcid.org/0000-0003-1559-8394Institute of Computer Engineering, TU Wien, Vienna, AustriaInstitute of Computer Engineering, TU Wien, Vienna, AustriaInstitute of Computer Engineering, TU Wien, Vienna, AustriaIndustrial control systems (ICSs) play a crucial role in the smooth operation of critical infrastructures, and their increasing complexity and interconnectedness necessitate integrating safety and security measures. Thus, an integrated risk assessment approach is essential to identify and address potential hazards and vulnerabilities. However, conducting such risk assessments becomes complex and challenging due to the difficulty in data availability. Acquiring data from various sources poses a significant hurdle. To address these challenges, automation markup language (AML) provides a standardized framework that facilitates the seamless exchange of engineering information. This article uses AML libraries and connection setup techniques to generate a valuable model of a single source of data for an integrated safety and security risk assessment. The automated risk assessment employs the AML model as a data source and the Bayesian belief network (BBN) as the risk assessment method. The value of risk associated with the system is calculated using the BBN models as the product of the probability of occurrence and severity. An evaluation of the proposed risk assessment method is also provided based on ISO 31000. AML's effectiveness as a valuable information model in meeting the growing need for comprehensive safety and security risk assessment in ICSs is demonstrated.https://ieeexplore.ieee.org/document/10623880/Automation markup language (AutomationML)industrial control systems (ICSs)Bayesian belief networks (BBN)integrated risk assessmentsafetyand security |
| spellingShingle | Pushparaj Bhosale Wolfgang Kastner Thilo Sauter AutomationML Meets Bayesian Networks: A Comprehensive Safety-Security Risk Assessment in Industrial Control Systems IEEE Open Journal of the Industrial Electronics Society Automation markup language (AutomationML) industrial control systems (ICSs) Bayesian belief networks (BBN) integrated risk assessment safety and security |
| title | AutomationML Meets Bayesian Networks: A Comprehensive Safety-Security Risk Assessment in Industrial Control Systems |
| title_full | AutomationML Meets Bayesian Networks: A Comprehensive Safety-Security Risk Assessment in Industrial Control Systems |
| title_fullStr | AutomationML Meets Bayesian Networks: A Comprehensive Safety-Security Risk Assessment in Industrial Control Systems |
| title_full_unstemmed | AutomationML Meets Bayesian Networks: A Comprehensive Safety-Security Risk Assessment in Industrial Control Systems |
| title_short | AutomationML Meets Bayesian Networks: A Comprehensive Safety-Security Risk Assessment in Industrial Control Systems |
| title_sort | automationml meets bayesian networks a comprehensive safety security risk assessment in industrial control systems |
| topic | Automation markup language (AutomationML) industrial control systems (ICSs) Bayesian belief networks (BBN) integrated risk assessment safety and security |
| url | https://ieeexplore.ieee.org/document/10623880/ |
| work_keys_str_mv | AT pushparajbhosale automationmlmeetsbayesiannetworksacomprehensivesafetysecurityriskassessmentinindustrialcontrolsystems AT wolfgangkastner automationmlmeetsbayesiannetworksacomprehensivesafetysecurityriskassessmentinindustrialcontrolsystems AT thilosauter automationmlmeetsbayesiannetworksacomprehensivesafetysecurityriskassessmentinindustrialcontrolsystems |