Analysis of events involving the intentional release of hazardous substances from industrial facilities

Matteo Iaiani, Valeria Casson Moreno, Genserik Reniers, Alessandro Tugnoli, Valerio Cozzani*

*Corresponding author for this work

Research output: Contribution to journalArticleScientificpeer-review

6 Citations (Scopus)


Industrial infrastructures, in particular those where hazardous substances are stored or handled, may be the target of malicious acts aiming at the disruption of normal operations. In the present study a toolbox of complementary and synergic techniques (Correspondence Analysis (CA), Fishbone Diagrams, Cause-Consequence Chains, Adversary Sequence Diagram, Root Cause Analysis) was applied to the in-depth analysis of physical security- and cybersecurity-related events that affected the process industry. The unprecedented original set of information obtained provides novel insights concerning these events. Clear correlations among security threats, including cyber-threats, and specific industrial sectors, as well as among the final scenarios and the different security threats from which they originate were identified by CA. In particular, vandalism resulted strongly correlated with the transportation of hazardous substances, and theft of materials with oil and gas pipelines. When considering chemical and petrochemical sites, cyber-attacks and the use of improvised explosives resulted to be the most common attack modes performed by the threat actors. Personnel and vehicle gateways resulted key elements when designing the Physical Protection System (PPS) of a facility. Insiders having the permission to enter the site bypass such controls, and were responsible of several successful attacks. Overall, the results confirm the concreteness of security-related events in the process industry and provide an original structured and detailed insight on the attack patterns experienced to date. Moreover, the results and the data obtained provide a novel set of baseline information for the application of SVA (Security Vulnerability Assessment) or SRA (Security Risk Assessment) methodologies in facilities where hazardous substances are stored or processed.

Original languageEnglish
Article number107593
JournalReliability Engineering and System Safety
Publication statusPublished - 2021


  • Attack patterns
  • Chemical and process industry
  • Correspondence analysis
  • Intentional act
  • Past incident analysis
  • Security


Dive into the research topics of 'Analysis of events involving the intentional release of hazardous substances from industrial facilities'. Together they form a unique fingerprint.

Cite this