Description
Industrial Control Systems (ICS) are designed to provide a service, such as power generation or water treatment, while protecting people, assets, and the environment against hazards. However, ICS now integrate Information Technology (IT) and are interconnected with the outside world such as the Internet, thereby exposing their infrastructures to cyberattacks. Cyberattacks have thus become new threats to industrial system operations and, more specifically, to their safety. To address the issue, this work presents a comprehensive cybersecurity risk assessment for the safety of ICS. This method takes into account the applicative logic of programmable logic controllers (PLC) and proposes attack models that allow for the identification of attacks specifically breaking safety properties.