STOP-IT - Detail page

Home
FT
SP Wizard
- Risknought
Lists
- Measures
- Events
- Tools
- ST Procedures
Search
Login

Measure: AppropriateLayingOfWires

Description

Information transmitting wires should be laid in a security conform way. Thus the probability of data thieveries and damages of wires is reduced by preventing unauthorized access to the data transmission wire. The aim is to protect sensitive data.

Comments

It should be made difficult to get access to wires e.g. by underground laying of wires, the protection of wires by mantles or similar.

Event source types

External attacker
Internal attacker
Human fault
Natural phenomena

Event types

Destruction
Manipulation

Risk reduction mechanism

Frequency/Likelihood

Threat Types

Cyber
Physical
Cyber-Physical

Action characteristics

Proactive

Measure types

Physical Barriers
Control System

event_ measures

Event Consequences

Quantity
Quality
Financial
Reputation

Asset types

Drinking Water Network
Drinking Water Tanks
Pressure Boosting Station
Water Abstraction Points
Water Treatment Plants

Events

Gate 193 - Surface water management system functions on altered data
Basic Event 66 - No back-up alternative for WTP dosing system PLC
Basic Event 237 - Malware alters PLC statements that control WDN tank refill
Basic Event 233 - External person damages WDN tank
Basic Event 177 - External person breaks in to reservoir control area taking over SCADA
Basic Event 275 - Malware alters WDN control statements
Basic Event 238 - External person in situ manipulates WDN tank transmission system
Basic Event 214 - Undetected SCADA hijacking software takes control of WTP operation
Basic Event 215 - Man-in-the-Middle attack manipulates WTP control signals
Basic Event 276 - SQL injection to data used for demand prediction
Basic Event 236 - Man-in-the-Middle attack manipulates WDN tank level sensor signals
Basic Event 163 - External person attacks surface water system management party e.g. water board
Basic Event 157 - Man-in-the-Middle attack manipulates WDN quality sensor readings
Basic Event 216 - Incorrect execution or failure of software acquired from an external party crashes WTP control system
Basic Event 171 - Human error in operating/using surface water management system
Gate 219 - Staff controlled hydraulic processes run without WTP data
Basic Event 61 - External person breaks in to WTP and takes over SCADA undetected
Gate 220 - Staff or PLC controlled hydraulic processes run on altered WTP data
Basic Event 219 - DoS attack to WTP process system PLC
Gate 111 - Insufficient disinfection due to loss of WTP control
Basic Event 207 - External person destroys WTP transmission wires
Basic Event 264 - Malware alters PLC statements that control valve
Basic Event 52 - Restricted area authorization procedure failure
Basic Event 277 - Malware tampers network topology characteristics on prediction models (e.g. tank volume curve)
Basic Event 265 - Man-in-the-Middle attack manipulates WDN valve sensor signals
Basic Event 178 - Internal person silently takes over reservoir SCADA control
Basic Event 278 - Ransomware wipes out WDN control system files
Basic Event 159 - Incorrect execution or failure of software acquired from an external party crashes WTP control system
Basic Event 62 - Internal person silently takes over SCADA control
Basic Event 211 - External attacker manipulates WTP transmission devices
Basic Event 63 - Undetected SCADA hijacking software takes control of WTP operation
Basic Event 194 - External person manipulates transmission wires of wells
Basic Event 198 - External person breaks in to well control area and takes over SCADA
Basic Event 179 - Man-in-the-Middle attack manipulates reservoir control signals
Basic Event 180 - Incorrect execution or failure of software acquired from an external party crashes reservoir control system
Basic Event 279 - Malware corrupts prediction model database
Basic Event 269 - External person physically destroys WDN pipes
Basic Event 64 - Man-in-the-Middle attack manipulates WTP control signals
Gate 260 - WDN control system manipulated
Basic Event 270 - Control center destroyed by accidental fire
Basic Event 195 - External person manipulates data transmission system of wells
Basic Event 199 - Internal person silently takes over abstraction well SCADA control
Basic Event 267 - Man-in-the-Middle attack manipulates WDN valve control signals
Gate 176 - Staff controlled processes run without WTP data
Gate 177 - Staff or PLC controlled processes run on altered WTP data
Basic Event 281 - Incorrect execution or failure of software acquired from an external party crashes WDN control system
Basic Event 240 - Upadate of OS causes false positive alarms from Event Detection System
Basic Event 232 - External person physically interrupts WDN tank outflow
Basic Event 224 - External person destroys data transmission system of WTP power transformers
Basic Event 251 - External person in situ manipulates PBS transmission devices
Basic Event 259 - External person physically damages PBS PLC
Basic Event 200 - Incorrect execution or failure of software acquired from an external party crashes abstraction well control system
Basic Event 201 - Malware performs DoS attack on abstraction well PLCs
Basic Event 210 - Man-in-the-Middle attack manipulates WTP sensor signal
Basic Event 282 - Failure to regulate the temperature, humidity and air quality in environments where information systems are located
Basic Event 218 - Accidental errors by authorized user while maintaining information system
Gate 186 - Quality verification process runs on altered WTP data
Basic Event 227 - Fake news about contamination in WTP using manipulated water company public communication
Basic Event 222 - A valve is opened and floods equipment
Basic Event 257 - Incorrect execution or failure of software acquired from an external party crashes PBS control system
Basic Event 169 - Man-in-the-Middle attack manipulates surface water system sensor signal
Basic Event 153 - External attacker manipulates WTP transmission devices
Basic Event 192 - External person physically destroys data transmission wires of wells
Basic Event 170 - External attacker manipulates surface water system transmission devices
Basic Event 52 - Restricted area authorization procedure failure
Basic Event 250 - Malware alters PLC statements that control pump
Basic Event 271 - WDN Control center destroyed by accidental flood
Basic Event 213 - Internal person silently takes over WTP SCADA control
Basic Event 261 - Undetected SCADA hijacking software takes control of PBS operation
Basic Event 262 - External person physically destroys valve
Basic Event 65 - DoS attack to dosing system PLC
Gate 237 - Outflow valve of WDN tank closed
Basic Event 191 - External person physically destroys data transmission system of wells
Gate 239 - Mislead PLC controlled WDN tank refill process
Gate 113 - Lower efficiency of WTP disinfectant undetected
Basic Event 272 - WDN control center destroyed by intentional flood
Basic Event 254 - External person physically destroys PBS data transmission wires

Specific Assets

Control Center
Control System
Drinking Water Pipes
Drinking Water Tanks
Fire Hydrants
Pressure Boosting Station
Transferred Information
Transmission Devices
Valve

Measure ID

M51

Name

AppropriateLayingOfWires

Risk reduction mechanism

Frequency/Likelihood

Action characteristics

Proactive

This project has received funding from the European Union's Horizon 2020 research and innovation programme under grant agreement No. 740610. The publication reflects only the authors' views and the European Union is not liable for any use that may be made of the information contained therein. All illustrations in the homepage are attributed to rudall30/Shutterstock.com.