IDEAS home Printed from https://ideas.repec.org/a/eee/ijocip/v45y2024ics1874548224000167.html
   My bibliography  Save this article

Hardware-in-Loop (HIL) Testbed Design of Thermal Power Plant for Threat Modeling and Attack Vector Analysis

Author

Listed:
  • Mathew, Midhya
  • Kazi, Faruk

Abstract

Industrial control systems (ICSs) are extensively utilized worldwide to control and regulate various processes in energy utilities. It consists of various field devices, control and monitoring devices and communication devices. This paper focuses on the testing and analysis of various attack vectors that could potentially occur in a hardware-in-loop (HIL) Industrial Control System (ICS) testbed designed for a 500 MW thermal power plant. In this testbed, four typical process scenarios have been identified that can be manipulated through cyber-attacks, leading to severe issues such as plant shutdown or even explosions. The four significant plant scenarios recognized include minimal coal mill levels and increased temperatures in the classifier, heightened primary airflow to the coal mill, the tripping of an ID fan, and adjustment of the Super-heater temperature to its lowest setting. Also, we utilize the STRIDE threat modeling methodology to accurately represents the elements of Cyber-Physical Systems (CPS), their inter-dependencies, and the potential attack entry points and system vulnerabilities.

Suggested Citation

  • Mathew, Midhya & Kazi, Faruk, 2024. "Hardware-in-Loop (HIL) Testbed Design of Thermal Power Plant for Threat Modeling and Attack Vector Analysis," International Journal of Critical Infrastructure Protection, Elsevier, vol. 45(C).
    • Handle: RePEc:eee:ijocip:v:45:y:2024:i:c:s1874548224000167
    DOI: 10.1016/j.ijcip.2024.100675
    as

    Download full text from publisher

    File URL: http://www.sciencedirect.com/science/article/pii/S1874548224000167
    Download Restriction: Full text for ScienceDirect subscribers only
    File URL: https://libkey.io/10.1016/j.ijcip.2024.100675?utm_source=ideas
    LibKey link: if access is restricted and if your library uses this service, LibKey will redirect you to where you can use your library subscription to access this item
    ---><---

    As the access to this document is restricted, you may want to search for a different version of it.

    References listed on IDEAS

    as
    1. Marcio Andrey Teixeira & Tara Salman & Maede Zolanvari & Raj Jain & Nader Meskin & Mohammed Samaka, 2018. "SCADA System Testbed for Cybersecurity Research Using Machine Learning Approach," Future Internet, MDPI, vol. 10(8), pages 1-15, August.
    2. Hui, Henry & McLaughlin, Kieran & Sezer, Sakir, 2021. "Vulnerability analysis of S7 PLCs: Manipulating the security mechanism," International Journal of Critical Infrastructure Protection, Elsevier, vol. 35(C).
    3. Akiyoshi Kokaji & Atsuhiro Goto, 2022. "An analysis of economic losses from cyberattacks: based on input–output model and production function," Journal of Economic Structures, Springer;Pan-Pacific Association of Input-Output Studies (PAPAIOS), vol. 11(1), pages 1-17, December.
    Full references (including those not matched with items on IDEAS)

    Most related items

    These are the items that most often cite the same works as this one and are cited by the same works as this one.
    1. Ugochukwu Onyekachi Obonna & Felix Kelechi Opara & Christian Chidiebere Mbaocha & Jude-Kennedy Chibuzo Obichere & Isdore Onyema Akwukwaegbu & Miriam Mmesoma Amaefule & Cosmas Ifeanyi Nwakanma, 2023. "Detection of Man-in-the-Middle (MitM) Cyber-Attacks in Oil and Gas Process Control Networks Using Machine Learning Algorithms," Future Internet, MDPI, vol. 15(8), pages 1-19, August.
    2. Ali Alzahrani & Theyazn H. H. Aldhyani, 2023. "Design of Efficient Based Artificial Intelligence Approaches for Sustainable of Cyber Security in Smart Industrial Control System," Sustainability, MDPI, vol. 15(10), pages 1-29, May.
    3. Sachin Sharma & Saish Urumkar & Gianluca Fontanesi & Byrav Ramamurthy & Avishek Nag, 2022. "Future Wireless Networking Experiments Escaping Simulations," Future Internet, MDPI, vol. 14(4), pages 1-32, April.
    4. Alaa O. Khadidos & Hariprasath Manoharan & Shitharth Selvarajan & Adil O. Khadidos & Khaled H. Alyoubi & Ayman Yafoz, 2022. "A Classy Multifacet Clustering and Fused Optimization Based Classification Methodologies for SCADA Security," Energies, MDPI, vol. 15(10), pages 1-24, May.

    Corrections

    All material on this site has been provided by the respective publishers and authors. You can help correct errors and omissions. When requesting a correction, please mention this item's handle: RePEc:eee:ijocip:v:45:y:2024:i:c:s1874548224000167. See general information about how to correct material in RePEc.

    If you have authored this item and are not yet registered with RePEc, we encourage you to do it here. This allows to link your profile to this item. It also allows you to accept potential citations to this item that we are uncertain about.

    If CitEc recognized a bibliographic reference but did not link an item in RePEc to it, you can help with this form .

    If you know of missing items citing this one, you can help us creating those links by adding the relevant references in the same way as above, for each refering item. If you are a registered author of this item, you may also want to check the "citations" tab in your RePEc Author Service profile, as there may be some citations waiting for confirmation.

    For technical questions regarding this item, or to correct its authors, title, abstract, bibliographic or download information, contact: Catherine Liu (email available below). General contact details of provider: https://www.journals.elsevier.com/international-journal-of-critical-infrastructure-protection .

    Please note that corrections may take a couple of weeks to filter through the various RePEc services.

    IDEAS is a RePEc service. RePEc uses bibliographic data supplied by the respective publishers.