NCS3 Feasibility study - Dependencies to Industrial Information and Control Systems

Authors:

  • Vidar Hedtjärn Swaling
  • Karin Mossberg Sonnek

Publish date: 2016-06-22

Report number: FOI-R--4280--SE

Pages: 48

Written in: Swedish

Abstract

Most of today´s critical infrastructures are more or less autonomously controlled by ICS - Industrial Information and Control Systems. The complexity of these systems makes them vulnerable to human errors as well as different kinds of latent faults. Many times, and increasingly, these systems are also connected to IT systems to gain higher efficiency. Since these systems have connections to the Internet there may be an opportunity for intrusions, interruptions or even severe damage to ICS. Regardless of the source, failed ICS should not lead to severe societal consequences. That is why MSB (Swedish Civil Contingencies Agency) wants to set up a framework for analysis of critical infrastructure's dependencies to ICS. The aim of this study is to create the basis of a framework for identification and analysis of such dependencies. This is done by investigating what ICS requires from concepts and methods that are used in the realm of dependency analyses. In the long term this will contribute to analyses of critical infrastructures dependencies to ICS being carried out more systematically, without important aspects being overlooked, neglected or misinterpreted. The study is guided by the following questions: ? How are these dependencies to be found and where? What are the practical/technical challenges to be expected in application of methods for dependency analyses, when the systems to be analysed involve ICS? ? How are these dependencies interpreted and conceived? What is the potential of existing concepts and models? The conclusions are that the very identification of dependencies (the mapping or systems analysis), is feasible, but nevertheless complicated because ICS are found anywhere in society and the internal dependencies are typically very complex (highly redundant, several functions for the same equipment, latent and systematic failures, difficult to break down systems in modules, strong connections to physical processes and in some cases IT). If the purpose of the analysis is to identify vulnerabilities, which is often the case, it should be noticed that the relation between the functional dependencies and the vulnerabilities become more complex and less predictable. To find the critical dependencies a holistic approach is probably the most appropriate, as well as a genuine understanding of the systems functionality and flows at many different levels. Based on the attempts made in this report a convenient approach is assumed to be one where, firstly, the analysis is split in different stages, where at each stage it is possible to shift or adjust the method chosen, secondly, where the aim is clearly specified, and finally, where the analysed object is clearly defined.