Cyber-attacks on Cyber Physical Systems (CPS) can have detrimental impact also in the physical world, with potential consequences to both operational personnel and the underlying physical process, as experienced in the Stuxnet and Ukraine Power Grid attacks. Petroleum production facilities are a key infrastructure for Norway. On a drilling rig, an attack might deactivate the blow-out preventer, with potential consequences similar to the Macondo incident

(https://snl.no/Deepwater_Horizon-ulykken).

The project aims to develop knowledge and methodologies for process-aware cyber security for modern systems control. This shall be achieved through complementing current Industrial Control System (ICS) Intrusion Detection Systems (IDS) with domain specific knowledge-based models and methods that consider the function of the whole CPS, forming a basis for process-aware risk analysis for attack response advisory. Such development shall help enable a robust and relevant response to cyber-attacks, with avoidance of unnecessary downtime and loss of revenue or public services due to false alarms or low-risk attacks.

Planned collaboration with Equinor, Statnett, Kongsberg Maritime, Siemens Energy, ABB Motion, the Petroleum Safety Authority (Ptil) and the Norwegian Water Resources and Energy Directorate (NVE) will ensure involvement from both public and private sector in the project, while covering both the petroleum sector and its power supply. Knowledge transfer between research and industry partners shall be ensured through close collaboration throughout the project by means of quarterly status meetings and through two (2) case studies annually where project results will be tested and evaluated.

Funding scheme

This project is funded by KSPKOMPETANSE23