For critical infrastructures, technological developments regarding real-time data transmission and processing improve the system's operability and reliability. However, vulnerabilities are introduced in the case of implementing new remote access methods or where redundancy is low. At the national level, most critical infrastructures are connected, and, therefore, achieving a level of security and resilience is based on identifying a multitude of risks. In this respect, the reduction of risk to acceptable levels directly affects the quality of citizens' lives and decreases losses in the industry. This study starts from the threats to power systems, namely cyberattacks, which are much more dangerous, although less visible, to operators, and almost invisible to the public or the media. From this point of view, it was proved that the most vulnerable parts of the power system were human–machine interfaces, electrical equipment, Surveillance, Control, and Data Acquisition (SCADA) systems. This paper's main achievements include the simulation of cyberattacks on existing electrical equipment from a petrochemical plant (case study), which consists of modifying the remote data transmitted by the SCADA system. Two locations were submitted to simulated cyberattacks that were considered critical for the overall plant operation. Furthermore, the changes that occur following each fault resulting from the cyberattack and the influence of the electrical parameter changes upon the process flow were analyzed. Furthermore, by using Electrical Power System Analysis Software—ETAP—the changes that occur following each fault due to the cyberattack and the influence of the electrical parameter changes upon the process flow were analyzed. By considering the two malfunction events, the resilience assessment of the system was analyzed. In the second case, only partial resilience action, up to 40%, restored the operability of the industrial power plant.
Business Continuity for Critical Infrastructure Operators
