A continuous OT cybersecurity risk analysis and Mitigation process
Hanssen, Geir Kjetil; Thieme, Christoph Alexander; Bjarkø, Andrea Vik; Lundteigen, Mary Ann; Bernsmed, Karin Elisabeth; Jaatun, Martin Gilje
Chapter
Published version
Date
2023Metadata
Show full item recordCollections
- Publikasjoner fra CRIStin - SINTEF AS [6166]
- SINTEF Digital [2626]
Original version
ESREL 2023 - Proceedings of the 33rd European Safety and Reliability Conference : The Future of Safety in the Reconnected World, 3 – 7 September 2023, University of Southampton, United Kingdom. 2023, 3190-3197. 10.3850/978-981-18-8071-1_P413-cdAbstract
Operational Technology (OT) systems are becoming increasingly software-driven and connected. This creates new digitalization opportunities but can also increase the risk of cyber security breaches than can have severe consequences. Through a close dialogue with Norwegian actors in the oil- and gas industry and insight into the IEC 62443 standard we propose a process model for continuous risk assessment and mitigation. This paper explains the phases and details of the model and discusses its limitations and further work.