Paralyzed or Compromised: A Case Study of Decisions in Cyber-Physical Systems

  • Conference paper
HCI for Cybersecurity, Privacy and Trust (HCII 2024)

Abstract

Human operators of Cyber-Physical Systems (CPSs) within Critical Infrastructure (CI) need to protect their systems from cyber-attacks. When CPSs are compromised, the operators might be faced with the dilemma of either letting the systems remain compromised to maintain the operation of the CPSs or paralyzing the CPSs to mitigate the attack. How human operators resolve this dilemma was investigated through a case study of the Sunburst attack within the electrical power and manufacturing CI in Norway. Four actors were interviewed regarding the dilemma, including three actors interviewed regarding their handling of the Sunburst case. The interviews, together with additional incident reports from one of the actors, were analyzed inductively to identify how the human operators made decisions in this context. Ten themes were identified and synthesized into a logic model of the decision process. The logic model was then compared to existing theoretical models of Situation Awareness (SA) to assess whether SA theory could explain the findings. This study concludes that existing SA models are compatible with the findings. Some parts of the logic model based on the findings provide unique contributions to the understanding of the decisions. One important finding is that the design of the systems related to CPSs must allow adequate mitigation alternatives. The study highlights several implications for practice and further research. Although the findings may not be generalizable beyond the setting of the case, the study contributes to bridging the recognized research gap of empirical studies of the SA of human operators of CPSs.

Acknowledgments

This work was supported by the Research Council of Norway (Norges Forskningsråd) under Project number 333900 “Situation awareness in virtual security operations centers” and Project number 310105 “Norwegian Centre for Cyber Security in Critical Sectors (NORCICS)”.

Corresponding author

Correspondence to Håvard Jakobsen Ofte.

Ethics declarations

The first author was employed in a research position with Respondent 1 (see Table 1) at the time of this study. The authors had no other known competing financial interests or personal relationships that could have appeared to influence the work reported in this paper.

Copyright information

© 2024 The Author(s), under exclusive license to Springer Nature Switzerland AG

About this paper

Cite this paper

Ofte, H.J., Katsikas, S. (2024). Paralyzed or Compromised: A Case Study of Decisions in Cyber-Physical Systems. In: Moallem, A. (eds) HCI for Cybersecurity, Privacy and Trust. HCII 2024. Lecture Notes in Computer Science, vol 14729. Springer, Cham. https://doi.org/10.1007/978-3-031-61382-1_9
