Process-Aware Cyberattacks for Thermal Desalination Plants

Published in The 14th ACM ASIA Conference on Computer and Communications Security (ACM ASIACCS 2019), 2019

[Website]

Abstract

In 2017, desalination industry was contracted to produce 99.8 million m3/d of fresh water globally. In regions with a natural shortage of fresh water, desalination contributes up to 70% of drinking water. While state-of-the-art research has focused on securing the power grid, water treatment plants, and other critical infrastructure, not much attention has been given towards desalination plants. In this work, we perform interdisciplinary cyber threat analysis on a desalination plant model, presenting cyberattacks and analyzing their effect on the plant performance and equipment both from economics and mechanical engineering perspective. Our analysis shows that cyber actors can perform extensive financial damage by affecting the performance of the plant. We also perform control volume analysis and finite element analysis studies to investigate the possibility of Stuxnet-like attacks with the potential to cause mechanical damage and equipment failure.