"Cyber-Informed Engineering of Industrial Control Systems by Prioritiza" by Chidi Ugo Agbo

Publication Date

12-2023

Date of Final Oral Examination (Defense)

October 2023

Type of Culminating Activity

Dissertation

Degree Title

Doctor of Philosophy in Computing

Department

Computer Science

Supervisory Committee Chair

Hoda Mehrpouyan, Ph.D.

Supervisory Committee Member

Michael Ekstrand, Ph.D.

Supervisory Committee Member

Tim Andersen, Ph.D.

Supervisory Committee Member

Stephen J. Reese

Abstract

Industrial Control Systems (ICS) are systems employed to supervise, regulate, and control industrial processes and critical infrastructure. These critical systems require robust measures to protect them against potential safety and security violations. Ensuring the safety and security of ICS is a significant challenge facing nations and states today, necessitating the development of robust, dependable, and resilient ICS. Traditional cybersecurity and engineering practices continue to adopt an inefficient approach that treats security as an add-on element during system design and development. In response, this dissertation builds on a novel theoretical approach known as Cyber-Informed Engineering (CIE) that leverages safety and security co-engineering, comprehensive cybersecurity risk assessments, and resilient engineering at the early stages of system conceptualization and development. By exploring the state of the art, this research proposes and implements:

1. An STPA-SafeSec-CDCL framework that integrates System Theoretic Process Analysis for Safety and Security (STPA-SafeSec) with the Conflict-Driven Clause Learning (CDCL) technique for identifying and resolving safety and security conflicts.

2. A CCE-BBN approach that combines Consequence-driven Cyber-informed Engineering (CCE) with a Bayesian Belief Network (BBN) and Sensitivity Analysis (SA) for the analysis, identification, and prioritization of High Consequence Events (HCE) capable of crippling critical processes and functions of critical infrastructures.

3. Signal Temporal Logic (STL) and autotuning mechanisms for the real-time monitoring of critical processes and the recovery of a system under attack within the shortest possible time, so that the system can complete its critical mission.

We verified and validated the proposed approaches using the Tennessee Eastman Plant (TEP), a complex model explicitly designed for the study of industrial processes and control, to demonstrate how these frameworks can be used in real-world applications. This research's findings provide theoretical and practical solutions for building safe, secure, robust, dependable, and resilient ICS.
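The third contribution above relies on STL monitoring of process signals. The following is an added illustration, not code from the dissertation and not TEP data: it evaluates the quantitative robustness of two bounded STL formulas (an "always within limit" safety property and an "eventually back within limit" recovery property) over a short, constructed reactor-pressure trace, and includes a simplified stand-in for parameter autotuning that picks the smallest lookahead window giving a required alarm lead time. The pressure values, the limit and the window sizes are hypothetical. Evaluation is offline over a recorded trace; an online monitor would need predicted or delayed samples for the lookahead.

```python
"""Offline STL robustness monitor over a constructed process trace.

Added illustration only: this is neither the dissertation's code nor
Tennessee Eastman Plant data. All values below are hypothetical.
"""
from typing import List, Optional

# Constructed sample trace: reactor pressure in kPa, one sample per second.
# A pressure excursion starts around t=5 and is brought back down by t=11.
PRESSURE = [2700, 2702, 2705, 2710, 2720, 2745, 2780,
            2830, 2890, 2960, 2900, 2850, 2800]
LIMIT = 2895.0  # hypothetical high-pressure safety limit (not a TEP value)


def atomic_leq(signal: List[float], limit: float) -> List[float]:
    """Robustness of the atomic predicate x <= limit at each sample.
    Positive means this much margin below the limit; negative means the
    limit is exceeded by that much. Sign gives truth, magnitude gives margin."""
    return [limit - x for x in signal]


def always(rob: List[float], window: int) -> List[float]:
    """G_[0,window] phi: at time t, the worst (minimum) robustness of phi
    over samples t..t+window (window truncated at the end of the trace)."""
    return [min(rob[t:t + window + 1]) for t in range(len(rob))]


def eventually(rob: List[float], window: int) -> List[float]:
    """F_[0,window] phi: at time t, the best (maximum) robustness of phi
    over samples t..t+window."""
    return [max(rob[t:t + window + 1]) for t in range(len(rob))]


def first_violation(rob: List[float]) -> Optional[int]:
    """First time index at which robustness is negative (formula false)."""
    for t, r in enumerate(rob):
        if r < 0:
            return t
    return None


def recovery_time(atomic: List[float], start: int) -> Optional[int]:
    """Number of samples from `start` until the atomic predicate holds again,
    i.e. the witness for F_[0,T] (x <= limit) evaluated at `start`."""
    for t in range(start, len(atomic)):
        if atomic[t] >= 0:
            return t - start
    return None


def tune_window(signal: List[float], limit: float,
                lead: int, max_window: int) -> Optional[int]:
    """Simplified stand-in for autotuning: the smallest lookahead window
    whose G_[0,w] monitor raises its alarm at least `lead` samples before
    the raw limit crossing. Returns None if the trace never crosses the
    limit or no window up to `max_window` achieves the lead."""
    atomic = atomic_leq(signal, limit)
    crossing = first_violation(atomic)
    if crossing is None:
        return None
    for w in range(0, max_window + 1):
        alarm = first_violation(always(atomic, w))
        if alarm is not None and crossing - alarm >= lead:
            return w
    return None


def main() -> None:
    atomic = atomic_leq(PRESSURE, LIMIT)
    crossing = first_violation(atomic)
    alarm = first_violation(always(atomic, 2))
    print(f"raw limit crossing at t={crossing}, G[0,2] alarm at t={alarm}")
    print(f"F[0,3] recovery robustness at crossing: {eventually(atomic, 3)[crossing]}")
    print(f"samples until back within limit: {recovery_time(atomic, crossing)}")
    print(f"smallest window giving 2 samples of lead: {tune_window(PRESSURE, LIMIT, 2, 5)}")


if __name__ == "__main__":
    main()
```

On this trace the raw limit is crossed at t=9, while the G_[0,2] monitor already reports negative robustness at t=7, because the worst case within its two-sample lookahead is the crossing; the F_[0,3] robustness at t=9 is positive, promising recovery within the window, and the witness shows the signal back under the limit after two samples. Robustness magnitude is what makes this useful for prioritization: a shrinking positive margin is an early-warning signal before any formula is actually false.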

DOI

https://doi.org/10.18122/td.2145.boisestate
