Ph.D. started in: 2019
Expected year of graduation: 2022
COINS consortium member: Norwegian University of Science and Technology
Supervised by: Mary Ann Lundteigen, Bjørn Axel Gran, Sokratis Katsikas
Research area: Network Security
Project title: ICT Security in Safety Instrumented Systems as applied in critical infrastructures
Project description: I work on the safety and security of next generation industrial control systems. Digital technologies are enabling networking in application areas where it has never been the case up until the 21st century. This provides unique opportunities and poses unique threats to critical infrastructures. Through my experience in the nuclear industry, I gained a perspective for the complex problems emerging in control systems used in highly regulated industries. Most importantly, the functional safety regulation stemming from the industrial sphere and the cybersecurity policies enforced in enterprise-grade information technologies will be interfacing through electronic communication. While industries like oil and gas are still regulated according to safety, the security of control systems is increasingly recognized as a growing sub-set of safety. Air traffic and electricity grids are increasingly reliant on information technology and are subject to security regulation in addition to safety. Reconciling or unifying the standards related to the two distinct fields is necessary during the lifecycle of control systems, but not straightforward due to the different foundations of each field in mathematics, language and culture. The inherent contradictions in limiting information flow for security reasons while making information available throughout the organization for safety reasons need to be resolved according to objective metrics that are yet to be found – be it generic for hazardous industries, industry or facility specific. Clarifying the design, verification and operation procedures for future control systems will allow companies to retain sufficient control of their facilities while taking advantage of IoT and Industry 4.0 functionalities.
Finding design philosophies and architectures that minimize the threats while retaining the opportunities of networked control systems will allow for the long-term accident-free, therefore economically viable and environment-friendly operation of a wide range of facilities.