S-HAZOP - merging OT Cyber & Safety
About me
Disclaimer
►S-HAZOP is an EY Methodology
►Images in this presentation are derived from► EY
► Tennessee Eastman Chemicals
► Honeywell
► International Congress of Catalysis
► DHS.gov.us
All rights preserved to original owners
A prelude …a status update on our 3 years ongoing OT Honeynet research
Still seeing lots of malicious attacks – with safety in scope !
The MENA PLC is still the worst for 3rd year running
Most traffic coming from China, Russia, USA, Iran (Not Research)
What are the current scenarios
Purity Price Euro/KG
98% 78
99% 392
100% 649,000
Paracetamol 2017 Prices
Quiz
Assume NOWYou have full access to a REAL plant
Find the Soft SpotFor a quick disaster
Tennessee Eastman
15.1Time Constant of 60 Min
11.2
114.5
96.0
OT hackers
►OT Hackers need to deal with a lot of variables
►Obtaining access is NOT Obtaining control
►Breaking INTO the system Is just the beginning
Break attacks
Production damage attacks
Toxic emissions attack
Lots of knowledge
►Not Yet
►Not Yet
►NOW
►Too Late
Impact of 8 Hours of DDoS on a Reactor Pressure Sensor at Random Times
The changes done at 200c are NOT the same as on 230c
New OT Cyber kill chain (post Trisis)
So we need to “reconsider” how we calculate plant operations risks
Security HAZOP study
S-HAZOP (Independent layers of protection)
S-HAZOP (Process safety & cyber threats)
S-HAZOP (Components break down)
Example
S-HAZOP …the tool
S-HAZOP …the tool in action
QUESTIONS?
Thank you
References
• Dragos Activity Groups. https://dragos.com/adversaries/
• Diamond Model. http://www.activeresponse.org/the-diamond-model/
• Starlink Telsarati article. https://www.teslarati.com/spacex-starlink-satellite-internet-us-air-force-testing/
• Collection Management Frameworks. https://dragos.com/resource/collection-management-frameworks-beyond-asset-inventories-for-preparing-for-and-responding-to-cyber-threats/
• Consequence Analysis. https://dragos.com/resource/dependency-modeling-for-identifying-cybersecurity-crown-jewels-in-an-ics-environment/