AU2021102532A4 - Securing critical digital assets of chemical industries using secure development operational environment (sdoe) framework - Google Patents
Securing critical digital assets of chemical industries using secure development operational environment (sdoe) framework Download PDFInfo
- Publication number
- AU2021102532A4 AU2021102532A4 AU2021102532A AU2021102532A AU2021102532A4 AU 2021102532 A4 AU2021102532 A4 AU 2021102532A4 AU 2021102532 A AU2021102532 A AU 2021102532A AU 2021102532 A AU2021102532 A AU 2021102532A AU 2021102532 A4 AU2021102532 A4 AU 2021102532A4
- Authority
- AU
- Australia
- Prior art keywords
- sdoe
- secure
- development
- digital
- cyber
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
- 238000011161 development Methods 0.000 title abstract description 37
- 239000000126 substance Substances 0.000 title abstract description 37
- 238000000034 method Methods 0.000 abstract description 19
- 230000007246 mechanism Effects 0.000 abstract description 14
- 238000004519 manufacturing process Methods 0.000 abstract description 11
- 230000007123 defense Effects 0.000 abstract description 9
- 230000000694 effects Effects 0.000 abstract description 9
- 230000009471 action Effects 0.000 abstract description 8
- 238000011156 evaluation Methods 0.000 abstract description 5
- 238000009434 installation Methods 0.000 abstract description 5
- 230000001681 protective effect Effects 0.000 abstract description 5
- YSGQGNQWBLYHPE-CFUSNLFHSA-N (7r,8r,9s,10r,13s,14s,17s)-17-hydroxy-7,13-dimethyl-2,6,7,8,9,10,11,12,14,15,16,17-dodecahydro-1h-cyclopenta[a]phenanthren-3-one Chemical compound C1C[C@]2(C)[C@@H](O)CC[C@H]2[C@@H]2[C@H](C)CC3=CC(=O)CC[C@@H]3[C@H]21 YSGQGNQWBLYHPE-CFUSNLFHSA-N 0.000 abstract description 2
- DIWRORZWFLOCLC-UHFFFAOYSA-N Lorazepam Chemical compound C12=CC(Cl)=CC=C2NC(=O)C(O)N=C1C1=CC=CC=C1Cl DIWRORZWFLOCLC-UHFFFAOYSA-N 0.000 abstract description 2
- 238000012552 review Methods 0.000 abstract description 2
- 238000006243 chemical reaction Methods 0.000 abstract 1
- 238000011835 investigation Methods 0.000 abstract 1
- 238000012544 monitoring process Methods 0.000 abstract 1
- 230000018109 developmental process Effects 0.000 description 27
- 238000005516 engineering process Methods 0.000 description 8
- 230000008569 process Effects 0.000 description 8
- 230000009466 transformation Effects 0.000 description 8
- 238000013461 design Methods 0.000 description 7
- 238000012360 testing method Methods 0.000 description 7
- 230000006870 function Effects 0.000 description 6
- 238000013459 approach Methods 0.000 description 5
- 238000004458 analytical method Methods 0.000 description 4
- 238000012423 maintenance Methods 0.000 description 4
- 238000001514 detection method Methods 0.000 description 3
- 230000006872 improvement Effects 0.000 description 3
- 230000001105 regulatory effect Effects 0.000 description 3
- 238000003491 array Methods 0.000 description 2
- 230000010354 integration Effects 0.000 description 2
- 239000000463 material Substances 0.000 description 2
- VNWKTOKETHGBQD-UHFFFAOYSA-N methane Chemical compound C VNWKTOKETHGBQD-UHFFFAOYSA-N 0.000 description 2
- 230000009885 systemic effect Effects 0.000 description 2
- 238000010809 targeting technique Methods 0.000 description 2
- 230000007704 transition Effects 0.000 description 2
- 238000012356 Product development Methods 0.000 description 1
- 229910052770 Uranium Inorganic materials 0.000 description 1
- 241000700605 Viruses Species 0.000 description 1
- 208000027418 Wounds and injury Diseases 0.000 description 1
- 230000002411 adverse Effects 0.000 description 1
- 230000004075 alteration Effects 0.000 description 1
- 238000013475 authorization Methods 0.000 description 1
- 230000008901 benefit Effects 0.000 description 1
- 230000008859 change Effects 0.000 description 1
- 238000004891 communication Methods 0.000 description 1
- 201000004440 congenital dyserythropoietic anemia Diseases 0.000 description 1
- 238000010276 construction Methods 0.000 description 1
- 230000001276 controlling effect Effects 0.000 description 1
- 230000006378 damage Effects 0.000 description 1
- 230000007547 defect Effects 0.000 description 1
- 238000011982 device technology Methods 0.000 description 1
- 238000010586 diagram Methods 0.000 description 1
- 239000003814 drug Substances 0.000 description 1
- 229940079593 drug Drugs 0.000 description 1
- 230000005611 electricity Effects 0.000 description 1
- 230000007613 environmental effect Effects 0.000 description 1
- 238000012854 evaluation process Methods 0.000 description 1
- 230000003203 everyday effect Effects 0.000 description 1
- 238000010348 incorporation Methods 0.000 description 1
- 239000004615 ingredient Substances 0.000 description 1
- 208000014674 injury Diseases 0.000 description 1
- 230000000116 mitigating effect Effects 0.000 description 1
- 239000003345 natural gas Substances 0.000 description 1
- 239000003208 petroleum Substances 0.000 description 1
- 230000002265 prevention Effects 0.000 description 1
- 230000003449 preventive effect Effects 0.000 description 1
- 238000012545 processing Methods 0.000 description 1
- 238000012372 quality testing Methods 0.000 description 1
- 239000000941 radioactive substance Substances 0.000 description 1
- 238000011160 research Methods 0.000 description 1
- 238000012502 risk assessment Methods 0.000 description 1
- 238000013514 software validation Methods 0.000 description 1
- 230000001131 transforming effect Effects 0.000 description 1
- JFALSRSLKYAFGM-UHFFFAOYSA-N uranium(0) Chemical compound [U] JFALSRSLKYAFGM-UHFFFAOYSA-N 0.000 description 1
- XLYOFNOQVPJJNP-UHFFFAOYSA-N water Substances O XLYOFNOQVPJJNP-UHFFFAOYSA-N 0.000 description 1
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/62—Protecting access to data via a platform, e.g. using keys or access control rules
- G06F21/6218—Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/55—Detecting local intrusion or implementing counter-measures
- G06F21/552—Detecting local intrusion or implementing counter-measures involving long-term monitoring or reporting
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q50/00—Information and communication technology [ICT] specially adapted for implementation of business processes of specific business sectors, e.g. utilities or tourism
- G06Q50/04—Manufacturing
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1433—Vulnerability analysis
-
- Y—GENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
- Y02—TECHNOLOGIES OR APPLICATIONS FOR MITIGATION OR ADAPTATION AGAINST CLIMATE CHANGE
- Y02P—CLIMATE CHANGE MITIGATION TECHNOLOGIES IN THE PRODUCTION OR PROCESSING OF GOODS
- Y02P90/00—Enabling technologies with a potential contribution to greenhouse gas [GHG] emissions mitigation
- Y02P90/30—Computing systems specially adapted for manufacturing
Landscapes
- Engineering & Computer Science (AREA)
- Theoretical Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Software Systems (AREA)
- General Engineering & Computer Science (AREA)
- Computer Hardware Design (AREA)
- Physics & Mathematics (AREA)
- General Physics & Mathematics (AREA)
- General Health & Medical Sciences (AREA)
- Bioethics (AREA)
- Health & Medical Sciences (AREA)
- Databases & Information Systems (AREA)
- Storage Device Security (AREA)
Abstract
SECURING CRITICAL DIGITAL ASSETS OF CHEMICAL INDUSTRIES
USING SECURE DEVELOPMENT OPERATIONAL ENVIRONMENT
(SDOE) FRAMEWORK
Abstract
The development of cybersecurity has lately attracted a lot of attention. Cyber protection has
progressively been recognized as essential, and it can be challenging to identify methods for
implementing avoidance, monitoring, investigation, reaction, restoration, and threat evaluation in
the chemical industry. This paper discusses how to use the Secure Development Operational
Environment (SDOE) to create, implement, evaluate, and regulate cybersecurity in chemical
industry digital critical systems. The value of the security environment installation mechanism,
including its various phases, such as safety review and evaluation of critical safety instrumentation
and control systems (I&Cs) is also discussed. The standards specifications for the chemical
industry's I&Cs protection are evaluated in order to create a stable production and operating system
for I&Cs. This invention is intended in the development of the method for the chemical industry
to secure the critical digital assets. The secrecy, reliability, and affordability of Critical Digital
Assets (CDA) should be addressed when thinking about cyber protection. This proposed system
uses the Secure Development Operational Environment (SDOE) framework. Deployment of
protective interface mechanisms into the digital safety device structure to prevent inappropriate
access to the device or defense from an unwanted activity from networked devices during operation
is achieved using SDOE actions.
1
{ VALUAION OFSECURE 1
ENVIRONMENT PLAN
CBRSECURITY PLAN OPERATION
CYSER LICENSE
SURE DEVELOPMENT OPERATIONAL
ENVRONENTAND CYBER SECURITY
PLAN APPROVAL
SECURE DEVELOPMENT OPERATIONAL
ENVIRON MENT AND CYB ER SEC URIT Y
PLAN OPERATION
Figure 2: Cybersecurity regulation.
1.- ---m -
SECURE SECURE
DEVELOPMENT * OPERATIONAL
* ENVRONMENT sa ENVIRONMENT
*UNNECESSARYAND S
UNAUTHORIZED U UNDESIRA BLE ACTION
* FUNCTIONALITY *
SUPERFLUOUS SFT
BACKDOOROPERATIONAL
*PROGRAMING CODE ATVT
*PHYSICAL,LOGICALPYIALGC,
* PROGRAMMATIC SS ADMINISTRATIVE
* CONTROLS CNRL
L---------------- 0 L----------------I
Figure 3: Secure Development Operational Environment (SDOE).
2
Description
{ VALUAION OFSECURE ENVIRONMENT PLAN 1 CBRSECURITY PLAN OPERATION CYSER LICENSE
Figure 2: Cybersecurity regulation. 1.- - -- m - SECURE SECURE DEVELOPMENT * OPERATIONAL * ENVRONMENT sa ENVIRONMENT
L---------------- 0 L----------------I
Figure 3: Secure Development Operational Environment (SDOE).
Description
Field of the Invention:
This invention is intended in the development of the method for the chemical industry to secure the critical digital assets. This proposed system uses the Secure Development Operational Environment (SDOE) framework. SDOE is dealing with the basic controls that are always added to the digital safety scheme and differ from current security strategic objectives.
Background of the Invention:
Across the globe, digital transformation is developing as a leading sector of transition. Communication has the ability to motivate a large number of customers even while supplying companies with unrivaled value generation and capturing benefits. The product developments in fields like medicines, chemicals, and electronics, the Chemical and Material Engineering industry is figured prominently in industrial revolutions. The field of chemicals and material development is now a main driver of the 4th Industrial Revolution. Its efforts permit other industries to transform inventions and technologies into specialized digitalization-supporting goods. However, digital transformation is transforming the market as a whole. Digitalization aids in the level of production and protection in the industry's supply chain, as well as the development of raw products. Furthermore, the sector must focus on areas of digital transformation. Digitalization can bring about digital transformation in a variety of sectors; there is a range of obstacles to address. The rapid growth of global knowledge flows has posed new threats in terms of data security and privacy in chemical industries are struggling with issues such as evolving consumer preferences, cultural change, obsolete legislation, and capacity shortages. Secure development and operational environment (SDOE) is stable production and operating environment for the critical digital asset in chemical industry protection systems. In the chemical industry, the digital-based protection system implementation process will recognize and overcome possible weaknesses or defects in each step of the digital asset transformation system which might weaken the system reliability.
Kim et al developed cyber-attack taxonomy for a digital environment in nuclear power plants. Cyber protection at nuclear power plants (NPPs) is becoming a high priority with the advent of automated instrumentation and control (I&C) systems. Stuxnet, the computer virus that killed Iran's enriched uranium system shows that nuclear power plants might be vulnerable to cyber attacks that lead to the production of radioactive substances. Moreover, comparison to Information Technology (IT), computer security analysis on supervisory control and data acquisition (SCADA) systems and industrial control systems (ICSs) are lacking, so it is crucial to evaluate cyber-attack typology for nuclear power plants (NPPs) given the characteristics feature of industrial control systems (ICSs). Cyber-attack taxonomy analysis is advancing, but that still doesn't represent the structural and implicit features ofNPPs, but it needs a systemic detection system plan. As an effect, as outlined in a regulatory guideline of 015 and regulatory guide of 5.71, it is important to more actively verify the performance of regulators and operators in relation to cybersecurity. As a result, they proposed a framework for cyber-attack taxonomy focused on NPP features and uses the prototype to illustrate a particular cyber-attack scenario. Furthermore, by pairing the detection mechanism with vital digital properties, this study indicates a systemic countermeasure approach (CDAs). The cyber-attack instances studied with the established cyber-attack taxonomy are utilized as evidence for evaluating and validating cyber protection compliance for automated technologies being used, as well as successful detection and mitigating for NPP cyber-attacks.
Son et al developed a cybersecurity scheme for critical digital assets at nuclear power plants. The significance of cyber protection for nuclear power plants has grown rapidly, relevant organizations including manufacturers, regulators, operators, and research facilities have recognized the several issues that need to be addressed to effectively apply cybersecurity at nuclear power plants to sensitive digital assets. It's critical to examine and study how to implement nuclear cyber defense criteria efficiently, as well as analyze related variables being included in the entire nuclear network security control system. Different cybersecurity approaches, including cybersecurity analysis, evaluations, and product creation life cycle are used to examine the related features of nuclear cyber defense technologies. Nuclear cyber protection technologies must be applied successfully in conjunction with a nuclear facility's service, security, and device construction processes. These findings may apply to potential technological criteria for cyber protection of sensitive data infrastructure at nuclear power plants, as well as hardware that requires a high degree of information ensuring technological security. This paper presents a novel approach to comparing and analyzing different cybersecurity approaches in order to identify compatible factors for applying cybersecurity to sensitive structures in nuclear power plants. Moreover, using the compatible factors of different network security approaches described in the study. Thus, this paper provides effective techniques for designing, implementing, analyzing, and controlling data security in critical nuclear digital systems.
Kharchenko et al discussed the critical environmental safety for the Field Programmable Gate Arrays (FPGA) systems. The value of the security system installation mechanism, and its various phases such as security-oriented review and evaluation of functional safety instrumentation and control systems (I&Cs), is discussed in this paper. The success of risk assessment, taking into account the impact of humans, techniques, and tools, and the use of the Intrusion Modes and Effect Criticality Analysis (IMECA) methodology are some of the fundamental concepts preferred in the evaluation method. It enables the method to be applied to a variety of safety-critical applications, namely instrumentation and control systems (I&Cs) based on Field-Programmable Gate Arrays (FPGAs). The specifications of industry standards for I&Cs protection are studied, and the suggested methodology is demonstrated by using safety scenarios for the FPGA framework RadICS, to create a safe production and operating ecosystem for Nuclear Power Plants.
Objective of the Invention:
1. This invention is intended in the development of the method for the chemical industry to secure the critical digital assets. The secrecy, reliability, and affordability of Critical Digital Assets (CDA) should be addressed when thinking about cyber protection. 2. This proposed system uses the Secure Development Operational Environment (SDOE) framework. Deployment of protective interface mechanisms into the digital safety device structure to prevent inappropriate access to the device or defense from an unwanted activity from networked devices during operation is achieved using SDOE actions. 3. SDOE is dealing with the basic controls that are always added to the digital safety scheme and differ from current security strategic objectives. SDOE must assure that automated safety systems operate reliably in the face of threats to their credibility, security, or availability.
Summary of the Invention:
In recent times, Information Technology (IT) has progressed rapidly and it has been extended to the Industrial Systems of major strategic facilities such as electricity, oil, water supply, nuclear power, telecommunications, and transport. Due to the usage of digital systems in infrastructural development, there is a risk development due to the cyber-attacks targeting technologies, necessitating the improvement of cyber protection for different architecture facility sensitive digital systems and transformation. Every other processed commodity is influenced by the chemicals industry in a certain way. Natural gas and petroleum are refined into intermediary ingredients that are then transformed into goods that use every day.
Industry 4.0 combines the variety of physical and digital technological advancements to form a larger characteristics relationship, is expected to accelerate those improvements, and it can evolve the chemicals sector by fostering structural development and increasing efficiency. The Internet of Things (IoT), smart electronics, manufacturing techniques, analytical tools, virtual reality, and robotics are important to the chemicals industry, has achieved a cost and efficiency standard that allows for broad use. More recently, these innovations have progressed to the point where there is an integration of chemical industries core transformation with the marketing processes to digitally enable the services and allow "digital" supply of asset from factories, and innovative business models.
Progressions in communications software include data requirements and processing, and manufacturing technological product has the potential to boost the chemical industry's production and competitiveness. However, digital convergence in the chemical industry offers major prospects for product and application creativity. Digital community procurement tools, for illustration, generate ideas are used for reducing greenhouse emissions during the commodity life span. Chemical industries require a shared process for determining the present state, identifying the ideal future outcome, and setting forth a practical stage on the digital path in order to realize the promise of the digital economy. The industry's digital production process will influence management decisions and implementation measures in five key growth areas including user engagement, skill empowerment, asset durability and efficiency, product system creativity, and communities.
The advancement of a Secure Development and Operational Environment (SDOE) for digital security systems comprises security measures to ensure digital security enhancement process against unauthorized access, unnecessary, or inappropriate alteration and safety against a certain predictable inappropriate set of actions that is more critical for reliable function of the digital system during operations. Deployment of protective interface mechanisms into the digital safety device structure to prevent inappropriate access to the device or defense from an unwanted activity from networked devices during operation is achieved using SDOE actions.
Detailed Description of the Invention:
The secrecy, reliability, and affordability of Critical Digital Assets (CDA) should be addressed when thinking about cyber protection. The relationship between protection and cybersecurity is examined from various components including safety in regards to cybersecurity, cybersecurity in regards to safety, and the convergence of cybersecurity and protection. If malicious activities attack the security feature, none of the safe operations may be affected. Present nuclear laws mainly focusing on protection functions, make it difficult to track and protect against cyber threatening. It is assumed that the security feature does not compromise current protection, although it is incorrect if an inadequate security mechanism poses a significant risk to the traditional safety system. The emphasis on chemical I&C safe operation is shifted from standards to categorizing and complying with characteristics that might impair safety functions, such as cyber protection.
As a result, the reliability and functionality of safety functions are critical in safety-related systems followed by the vulnerability or cyber-attack on anonymity, reputation, or accessibility should be identified and protected against because protection is assumed an aspect of cybersecurity. One of the cyber-attack possibilities that target the system's original operating mechanisms is having a significant impact on the protection mechanism in chemical industries. There is no issue with the security feature whether the chemical industry trip happens, however, the security measure is now operating efficiently from a safety baseline. Cyber-attacks that induce a system to trip should be fought and analyzed as they can have a negative impact on the activity of system operation in chemical industries and an economy. Finally, the terms "security" and "cyber protection" are used interchangeably and in reference to one another.
The aspects of internet safety and security that have to be governed from each perspective are examined, and the aspects that converge are examined simultaneously. There might be a number of factors, incident and injury assessments of chemical I&C systems are examined in which security and data protection could work together. In order to protect, regulate and stabilize device technologies have been established. In regards to cyber defense, more smart and violent cyber-attacks have been tested. The issue is that complexity of security and cyber attacks are gradually increasing. Infrastructure is not distinct in the chemical industry as it is complex and physically stable. These vital installations must also establish preventive measures on a regular basis, based on the attack severity and the potential for technological cyber threats. If the data defense capability of industrial IT technology evolves, it is important to do a detailed comparison of the related issues of cyber protection adapted to physical infrastructure and orientations in order to enhance new protective and relevant technologies.
The procurement process has categorized chemical systems as either non-safety or safety, with an emphasis on safety-critical systems. Computer quality testing has been used to identify safety related functionality. In regard to regulatory demand, chemical industry cybersecurity may be classified into two categories namely SDOE and Cyber Security Plan (CSP). The safety standards 1.152 and KINS/RG-N8.13 explain how to use digital computerized software in chemical industry safety systems to promote high technical efficiency, design accuracy, and an SDOE. The safety standards show no evidence of the potential of security features to defend against cyber attacks. These guidelines are goal is to ensure that the built functionality does not compromise the system's stability or desire to implement its safety role.
Digital, computational, and programmatic measures must maintain a stable deployment opportunity for the growth of critical digital asset safety systems against unauthorized operation. SOE must use natural, administrative, and logical controls to maintain a protected environment during the maintenance of digital safety mechanisms against unwanted networked devices and inappropriate employee behavior. SDOE must assure that automated safety systems operate reliably in the face of threats to their credibility, security, or availability. In comparison to SDLs and SSDLs, SDOE has a distinct meaning. The specifications of RG 1.152 and KINS/RG-N08.13 are not intended to conform with 10 CFR 73.54's cyber protection specifications. SDOE is dealing with the basic controls that are always added to the digital safety scheme and differ from current security strategic objectives. During the implementation process, SDE mentions many instances of unintended, pointless, and unauthorized features as superfluous programming and backdoor programming. The technological safeguards against superfluous programming, backdoor programming, unwanted, and unintended incidents are examined. SDE defines a wide range of inappropriate associated machine activity along with unintentional operator acts. It's hard to comprehend really what SDOE entails or what tasks the owners, creators, and administrative sections can perform in-depth.
The Secure Development Operational Environment (SDOE) is used to improve the digital asset protection infrastructure in the chemical industry, which includes the concept stage, requirement stage, design stage, implementation stage, testing stage, installation, operation and maintenance, and retirement.
Concept phase: Recognize the architecture attributes of digital safety mechanisms that are necessary to provide stable operating conditions for the systems. Examine the digital security system's vulnerability to inadvertent accessibility and unwanted action. The study's findings are used to determine design functionality criteria. Allowing physical access to the security device will endanger the system's security feature.
Requirement phase: Establish the device architecture and practical technical performance for stable operating conditions. The evaluation process must ensure that the system's SDOE characteristic is appropriate, absolute, accurate, testable, and consistent. The security system's stability should be addressed in specifications describing is obtained by using pre-developed applications and systems. Prevention of superfluous incorporation or inappropriate conditions might lead to the addition of unintended or inappropriate code.
Design phase: The system parameters configuration ought to be converted into basic structural configuration elements in the proposed system for the digital asset safety function of SOE is defined in the functional specification requirement. Install all digital safety mechanisms at the top of the defense infrastructure, allowing only a single contact from the digital security system to reduced systems. Monitor physical and logical entry, utilization of safety device resources, and data exchange with certain other systems are all addressed. Incorporating pre-developed applications into a security system must take into account that this software would not adversely affect the protection system's SOE. Instead of simply a password quite complicated access management mechanisms namely password, key, and smart card, and fingerprints are used.
Implementation phase: Assess that the transition from the device architecture configuration to the protected operating system's configuration objects is right, precise, and completed. To eliminate and minimize any unauthorized or improper changes to the enhanced structure, enforce stable network architecture protocols and standards. Take note of any secret functionality or insecure aspects in the code. Ascertain that perhaps the operation system's capabilities do not negatively impact the SOE's necessary design function.
Test phase: Device hardware design, system and software integration testing, system production approval testing, and software validation testing are all part of the testing process.
Operation and maintenance: Include a clause in the procurement criteria requiring the manufacturer to take sufficient steps to maintain a protected production system and consist of any functionality needed by the authorization to enable secure operating conditions for the digital security system in the chemical industry.
Claims:
This invention involves the development of the Secure Development Operational Environment (SDOE) framework for securing the critical digital assets and it has the following claims:
1. This invention is intended in the development of the method for the chemical industry to secure the critical digital assets. i. From claim 1, The secrecy, reliability, and affordability of Critical Digital Assets (CDA) should be addressed when thinking about cyber protection. ii. From claim 1, Due to the usage of digital systems in infrastructural development, there is a risk development due to the cyber-attacks targeting technologies, necessitating the improvement of cyber protection for different architecture facility sensitive digital systems and transformation. iii. From claim 1, Digital community procurement tools, for illustration, generate ideas are used for reducing greenhouse emissions during the commodity life span. 2. This proposed system uses the Secure Development Operational Environment (SDOE) framework. i. From claim 2, Deployment of protective interface mechanisms into the digital safety device structure to prevent inappropriate access to the device or defense from an unwanted activity from networked devices during operation is achieved using SDOE actions. ii. From claim 2, SDOE must assure that automated safety systems operate reliably in the face of threats to their credibility, security, or availability. 3. SDOE is dealing with the basic controls that are always added to the digital safety scheme and differ from current security strategic objectives. i. From claim 3, SDOE must assure that automated safety systems operate reliably in the face of threats to their credibility, security, or availability. ii. From claim 3, The Secure Development Operational Environment (SDOE) is used to improve the digital asset protection infrastructure in the chemical industry, which includes the concept stage, requirement stage, design stage, implementation stage, testing stage, installation, operation and maintenance, and retirement.
SECURING CRITICAL DIGITAL ASSETS OF CHEMICAL INDUSTRIES 13 May 2021
Diagram 2021102532
Figure 1: Digital Assets.
Figure 2: Cybersecurity regulation.
Figure 3: Secure Development Operational Environment (SDOE).
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| AU2021102532A AU2021102532A4 (en) | 2021-05-13 | 2021-05-13 | Securing critical digital assets of chemical industries using secure development operational environment (sdoe) framework |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| AU2021102532A AU2021102532A4 (en) | 2021-05-13 | 2021-05-13 | Securing critical digital assets of chemical industries using secure development operational environment (sdoe) framework |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| AU2021102532A4 true AU2021102532A4 (en) | 2021-07-01 |
Family
ID=76584620
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| AU2021102532A Active AU2021102532A4 (en) | 2021-05-13 | 2021-05-13 | Securing critical digital assets of chemical industries using secure development operational environment (sdoe) framework |
Country Status (1)
| Country | Link |
|---|---|
| AU (1) | AU2021102532A4 (en) |
-
2021
- 2021-05-13 AU AU2021102532A patent/AU2021102532A4/en active Active
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| Mughal | Artificial Intelligence in Information Security: Exploring the Advantages, Challenges, and Future Directions | |
| Jbair et al. | Threat modelling for industrial cyber physical systems in the era of smart manufacturing | |
| Schabacker et al. | Assessing cyberbiosecurity vulnerabilities and infrastructure resilience | |
| Alexander et al. | Cybersecurity terminology and frameworks | |
| Ayodeji et al. | Cyber security in the nuclear industry: A closer look at digital control systems, networks and human factors | |
| Shin et al. | Cyber security risk analysis model composed with activity-quality and architecture model | |
| Daria et al. | Intelligent system for risk identification of cybersecurity violations in energy facility | |
| Kosmowski et al. | INTEGRATED FUNCIONAL SAFETY AND CYBERSECURITY. ANALYSIS METHOD FOR SMART MANUFACTURING SYSTEMS | |
| Cook et al. | PLCPrint: fingerprinting memory attacks in programmable logic controllers | |
| Udeh et al. | The role of big data in detecting and preventing financial fraud in digital transactions | |
| Illési et al. | A security assessment of AI, related to the financial institutions | |
| AU2021102532A4 (en) | Securing critical digital assets of chemical industries using secure development operational environment (sdoe) framework | |
| CN117081818A (en) | Attack transaction identification and interception method and system based on intelligent contract firewall | |
| Adaros-Boye et al. | Continuous risk management for industrial IoT: a methodological view | |
| Zhang | Nuclear power plant cybersecurity | |
| Almoqbil | Anomaly detection for early ransomware and spyware warning in nuclear power plant systems based on FusionGuard | |
| Trifonov et al. | Automation of cyber security incident handling through artificial intelligence methods | |
| Albanese et al. | Formation of awareness | |
| Kaloudi et al. | Comparison of risk analysis approaches for analyzing emergent misbehavior in autonomous systems | |
| Patel et al. | Estimation of the time for steam generator trip due to cyber intrusions | |
| Otero | Optimization methodology for change management controls using Grey Systems Theory | |
| Shin et al. | Risk-informed cyber security evaluation of nuclear facilities | |
| Setianingsih et al. | Risk Assessment Methods for Cybersecurity in Nuclear Facilities: Compliance to Regulatory Requirements | |
| Cozza et al. | Towards Obfuscation of Programmable Logic Controllers | |
| Wong et al. | Learning System Security Compliance for Banking |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| FGI | Letters patent sealed or granted (innovation patent) |