Cybersecurity
Human performance and automated operations: A regulatory perspective
| Document
|
Author Linn Iren Vestly Bergh, Kristian Solheim Teigen & Fredrik Dørum |
| Abstract The petroleum industry is becoming increasingly dependent on digital systems, and the companies have ambitious plans for increased use of digital technology – along the entire value chain. Increased levels of digitalisation present major opportunities for efficiency in the oil and gas industry and can also contribute to enhanced levels of resilience to major accident hazards. At the same time, new risks and uncertainties may be introduced. Based on developments in the industry and society in general, the Norwegian Petroleum Safety Authority (PSA) has in recent years pursued targeted knowledge development related to digitalisation and industrial cyber security. The PSA’s follow-up activities related to digitalisation initiatives in the industry have been based on input and experience from several knowledge development projects. In this paper we will give insight into the main regulatory strategies we have used to follow-up initiatives in the industry, present results from audits on automated drilling operations and discuss the results from the follow-up activities in light of current regulatory development. |
Challenging the Limits of Cognitive Systems Engineering and Ecological Interface Design: Commander’s Cyber Situational Awareness
| Document
|
Author Rob HUTTON, Hannah BLACKFORD, Kevin BENNETT, Nigel JONES, and Ade FISHER |
| Abstract Military commanders are increasingly required to understand more than just the physical terrain. Understanding activities in cyberspace and their impact on operations presents a number of challenges for military personnel, tech-savvy or not. This paper presents a cognitive systems engineering approach to providing visualization solutions to support commander decision making. An Ecological Interface Design (EID) approach was used. Challenges for supporting cyber situational awareness are described. |
Human and organisational factors in cybersecurity: applying STAMP to explore vulnerabilities
| Document
|
Author Andrew Wright, Gyuchan Thomas Jun |
| Abstract The human and organisational factors contributing to information security are still poorly understood, primarily due to a lack of research and absence of suitable techniques to assess complex digital systems. This paper presents the application of the System-Theoretic Accident Models and Process (STAMP) technique to the 2013/2014 Target Corporation data breach. The aims of the study are to investigate the causal factors using a systemic approach, and to demonstrate the benefits of the technique to information security applications. A number of critical control flaws were identified through the STAMP analysis include: i) poor external and internal communication/co-ordination of new threats and vulnerabilities; ii) inadequate learning from past events, internally and externally; iii) a lack of proactive security management to understand and learn from system successes and good practices as well as system failures; iv) ineffective management and co-ordination with the supply chain. |
Some implications of Software – Dominated Manufacturing for the ergonomics profession
| Document
|
Author Murray SINCLAIR, Carys SIEMIENIUCH and Michael HENSHAW |
| Abstract Whether or not manufacturing moves whole-heartedly to the paradigm of Cyber-Physical Systems of Systems as indicated first in the ‘Industrie 4.0’ programme in the FRG, there is little doubt that manufacturing will become software-dominated by 2025. This will have significant implications for ergonomists involved in manufacturing: for the nature of roles and jobs, for the design of workspaces and workplaces, and for the design of the interactions between humans and automation. The paper explores some of these implications. |
Development of Human Factors and Cybersecurity Objectives for Mobile Financial Service (MFS)
| Document
|
Author Stephen AMBORE, Edward APEH, Huseyin DOGAN, Christopher RICHARDSON, and David OSSELTON |
| Abstract Cybercrime is slowing down the adoption of Mobile Financial Service (MFS). Despite the existence of a strong technical infrastructure base for security and the benefits inherent in MFS, adoption has been slow. Highly resilient countermeasures for cybersecurity go beyond just providing technological controls to put in place measures to cater for the human element. This paper presents the findings of an analysis of the human factors issues in complex MFS Socio-Technical System (STS) and the objectives for mitigating these. |
Cyber-Physical Systems and Society: Some technology-based ‘key messages’ for ergonomics/human factors
| Document
|
Author Murray SINCLAIR, Paul PALMER and Carys SIEMIENIUCH |
| Abstract The paper reports some of the findings for the H2020 project, Road2CPS. This project was intended to provide advice to the European Commission, based on the outputs of 54 FP7 and H2020 projects plus 18 ARTEMIS and ECSEL industry-based project consortia, all in the area of Cyber-Physical Systems. One of the goals of this project was to identify gaps in the knowledge and applications coverage of CPS and provide recommendations regarding these. The paper reports briefly on the methodology that was used, and the ‘key messages’ arising from the analysis that are relevant to CIEHF academics and pracitioners. |
Automation and Cyber Security Risks on the Railways – the Human Factors implications
| Document
|
Author Eylem Thron & Shamal Faily |
| Abstract Automation improves rail passenger experience but may reduce cyber resilience because it fails to adequately account for human factors. Preliminary results from a study on signallers and automation confirms this, but judicious use of modelling tools may ensure design for automation considers this. |
