学术文献库

The offshore oil and gas industry has recently been going through a digitalisation drive, with use of `smart' equipment using technologies like the Industrial Internet of Things (IIoT) and Industrial Cyber-Physical Systems (ICPS). There has also been a corresponding increase in cyber attacks targeted at oil and gas companies. Oil production offshore is usually in remote locations, requiring remote access and control. This is achieved by integrating ICPS, Supervisory, Control and Data Acquisition (SCADA) systems, and IIoT technologies. A successful cyber attack against an oil and gas offshore asset could have a devastating impact on the environment, marine ecosystem and safety of personnel. Any disruption to the world's supply of oil and gas (O\&G) can also have an effect on oil prices and in turn, the global economy. This makes it important to secure the industry against cyber threats. We describe the potential cyberattack surface within the oil and gas industry, discussing emerging trends in the offshore sub-sector, and provide a timeline of known cyberattacks. We also present a case study of a subsea control system architecture typically used in offshore oil and gas operations and highlight potential vulnerabilities affecting the components of the system. This study is the first to provide a detailed analysis on the attack vectors in a subsea control system and is crucial to understanding key vulnerabilities, primarily to implement efficient mitigation methods that safeguard the safety of personnel and the environment when using such systems.