Technical Report
Concept of Operations (CONOPS) Exploiting Cyber Vulnerabilities of Oil and Gas Pipelines: Building the Systems Assurance Framework - Trusted Systems
Report Number: SERC-SR-2020-004
Publication Date: 2020-06-12
Project: Methods to Evaluate Cost/Technical Risk and Opportunity Decisions for Security Assurance in Design
Principal Investigator: Thomas McDermott Jr.
Co-Principal Investigator: Dr. Cody Fleming
This CONOPS is written from the perspectives of both the pipeline company and the adversary. Combining the two views strengthens the framework so that it can eventually address requirements, design, implementation, integration and testing, system verification, and the successive iterations of the system that will provide the best Systems Assurance.
This Concept of Operations (CONOPS) is intended to inform mission descriptions that are critical to the lifecycle process and various stakeholders, which consequently also provides crucial information to adversaries for the capitalization of interdependencies within the operations. The document from the company operation’s perspective is an amalgamation of several publicly released artifacts from various organizations, companies, and academic papers. The attacker perspective is from literature reviews, experience, and curated and created models [1].
A CONOPS is usually a user-oriented document that describes the characteristics of a proposed system from the user’s perspective. It describes the user organization, mission, and objectives from an integrated systems point of view and is used to communicate the overall quantitative and qualitative system characteristics to stakeholders. It can also serve as a document that brings consensus among the acquirer, developers, supporters, and user agencies on the operational concepts of a proposed system [2]. However, because an Advanced Persistent Threat (APT) must retain access to a system repeatedly over an extended timeframe, the strategic injection of knowledge or malware relies on vulnerabilities already known to the attacker across the system’s various inputs. Consequently, the group launching the APT must be well versed in the system as a whole to impact critical infrastructure in the way it intends, since multiple entry and exit points have to be infiltrated. Occurrences such as Stuxnet, Duqu, Flame, and Red October have troubled the security community and clearly indicate that the attackers are well organized [3]. The targeting of operating systems and architectures, initial attack vectors, command execution and privilege escalation, network access, IDS and endpoint antivirus products, encryption and obfuscation, and the exploitation of digital signatures are just some of the ways attackers have infiltrated systems with a consistent, multipronged approach.