(151c) Cyber Incident Exercise for Safety Protection in Critical Infrastructure

The companies, especially owners of critical infrastructures (CIs), must build a correspondence process to cope with a serious incident beforehand. The conventional countermeasures are already prepared against expected troubles, such as machinery malfunctions, natural disasters and human mistakes, in order to make CIs in known safer states. CI field operators also are well trained against the troubles. In recent years, cyber-attacks become “Clear and Present Dangers”, and cause CIs in uncertain and unsafe states through industrial control systems (ICSs).

 Thus, the owner of CI should prepare countermeasures for the safety and security of ICS simultaneously. However, there are no perfect countermeasures for the above both, it is necessary to prepare a certain resilience inside CI operation fields that are supported by the field operators who should dynamically create and manage ICS-Emergency Response Team, ICS-Security Incident Response Team.

 In this paper, the authors would like to discuss about the following two problems.

1. Simultaneous achievement framework of safety and security in ICS
2. Personnel training methodology based on the framework.

Trial exercises, where almost 200 CI personals and security experts were joined, is also presented for an illustrative example to the framework and methodology.