scholarly journals Pandora’s Net

2015 ◽  
Vol 137 (01) ◽  
pp. 28-33
Author(s):  
Brittany Logan
Keyword(s):  
Control Systems ◽  
Supervisory Control ◽  
Soft Power ◽  
Critical Infrastructure ◽  
Industrial Processes ◽  
Computer Language ◽  
Physical Processes ◽  
Industrial Control ◽  
Industrial Control Systems ◽  
Scada Systems

This study analyses potential weaknesses of supervisory control and data acquisition (SCADA) systems and possible workarounds to safeguard the critical infrastructure. SCADA systems are the hardware and software that control and monitor infrastructure and industrial processes. In the world of energy, the industrial control systems monitoring the physical processes of machines are less tangible than the actual physical machines they control. One of the benefits of soft power is that it offers the ability to use coercive force and create confusion without using overt means. Disconnecting any unnecessary network connections and restricting personnel access to only essential programs will limit unwanted access to SCADA systems through backdoor networks. It has been recommended that the energy sector ought to implement back-up and defense-in-depth systems. The concept of a common computer language for SCADA has also been mentioned in the security community, but could come with challenges.

scholarly journals FALCON: Framework for Anomaly Detection in Industrial Control Systems

Electronics ◽  
2020 ◽  
Vol 9 (8) ◽  
pp. 1192 ◽  
Author(s):  
Subin Sapkota ◽  
A K M Nuhil Mehdy ◽  
Stephen Reese ◽  
Hoda Mehrpouyan
Keyword(s):  
Water Treatment ◽  
Anomaly Detection ◽  
Control Systems ◽  
Short Term Memory ◽  
Critical Infrastructure ◽  
Attack Detection ◽  
Support Vector ◽  
Physical Processes ◽  
Industrial Control ◽  
Industrial Control Systems

Industrial Control Systems (ICS) are used to control physical processes in critical infrastructure. These systems are used in a wide variety of operations such as water treatment, power generation and distribution, and manufacturing. While the safety and security of these systems are of serious concern, recent reports have shown an increase in targeted attacks aimed at manipulating physical processes to cause catastrophic consequences. This trend emphasizes the need for algorithms and tools that provide resilient and smart attack detection mechanisms to protect ICS. In this paper, we propose an anomaly detection framework for ICS based on a deep neural network. The proposed methodology uses dilated convolution and long short-term memory (LSTM) layers to learn temporal as well as long term dependencies within sensor and actuator data in an ICS. The sensor/actuator data are passed through a unique feature engineering pipeline where wavelet transformation is applied to the sensor signals to extract features that are fed into the model. Additionally, this paper explores four variations of supervised deep learning models, as well as an unsupervised support vector machine (SVM) model for this problem. The proposed framework is validated on Secure Water Treatment testbed results. This framework detects more attacks in a shorter period of time than previously published methods.

scholarly journals A review: towards practical attack taxonomy for industrial control systems

2018 ◽  
Vol 7 (2.14) ◽  
pp. 145 ◽  
Author(s):  
Qais Saif Qassim ◽  
Norziana Jamil ◽  
Razali Jidin ◽  
Mohd Ezanee Rusli ◽  
Md Nabil Ahmad Zawawi ◽  
...  
Keyword(s):  
Control Systems ◽  
Supervisory Control ◽  
Cyber Attacks ◽  
Critical Infrastructures ◽  
Cyber Attack ◽  
Industrial Control ◽  
Industrial Control Systems ◽  
Scada System ◽  
Water Transportation ◽  
Different Types

Supervisory Control and Data Acquisition (SCADA) system is the underlying control system of most national critical infrastructures such as power, energy, water, transportation and telecommunication. In order to understand the potential threats to these infrastructures and the mechanisms to protect them, different types of cyber-attacks applicable to these infrastructures need to be identified. Therefore, there is a significant need to have a comprehensive understanding of various types of cyber-attacks and its classification associated with both Opera-tion Technology (OT) and Information Technology (IT). This paper presents a comprehensive review of existing cyber-attack taxonomies available in the literature and evaluates these taxonomies based on defined criteria.  

A White Hat Study of a Nation's Publicly Accessible Critical Digital Infrastructure and a Way Forward

2020 ◽  
pp. 1672-1685
Author(s):  
Timo Kiravuo ◽  
Seppo Tiilikainen ◽  
Mikko Särelä ◽  
Jukka Manner
Keyword(s):  
Control Systems ◽  
Critical Infrastructure ◽  
The Internet ◽  
Address Space ◽  
Government Officials ◽  
Industrial Control ◽  
Industrial Control Systems ◽  
Playing Field ◽  
Internet Address ◽  
Nation States

The developed society depends on many critical infrastructure processes, such as power generation, water treatment, many types of manufacturing, and smart buildings. These processes need control and the automation industry has embraced the Internet to connect all these controls. However, the controlling devices thus opened to the world do not always have adequate safeguards to withstand malicious users. Many automation systems have default passwords or known and unknown backdoors. Also, often those systems are not updated to close security weaknesses found after original installation. The authors argue that while the industry is familiar with the notion of safety of equipment and processes, it has not focused enough on IT security. Several years ago the Shodan search engine showed how easy it is to find these control devices on the Internet. The authors followed this research line further by targeting one nation's IP address space with Shodan and found thousands of control systems, many of which represent models and versions with known vulnerabilities. Their first contribution is presenting these findings and analyzing their significance. Their study started in 2012 and the most recent results are from the end of 2015. To gain further knowledge, they have built a prototype scanner capable of finding industrial control systems. This lets the authors evaluate the possibility of performing routine scans to gauge the vulnerability of a nation. Their second contribution is to present a template for a national Internet scanning program. The authors discuss the technology, performance, and legality of such a program. Based on their findings and analysis they argue that nations should continuously monitor their own Internet address space for vulnerabilities. The authors' findings indicate that the current level of vulnerabilities is significant and unacceptable. Scanning a nation's critical infrastructure can be done in minutes, allowing them to keep a tight control of vulnerabilities. Yet, in addition, the authors need to extend current legislation and the rights of government officials to bring more security in national critical infrastructures; this discussion is their third contribution. The cyber-space has become a playing field for criminals, terrorists and nation states, all of which may have a motive to disrupt the daily life of a nation, and currently causing such disruptions is too easy.

scholarly journals Continents to Islands: The effect of widespread interconnectivity on critical infrastructure and legacy systems

2015 ◽  
Vol 3 (4) ◽  
pp. 77-83
Author(s):  
Kayne Naughton
Keyword(s):  
Control Systems ◽  
Critical Infrastructure ◽  
Legacy Systems ◽  
Industrial Control ◽  
Industrial Control Systems ◽  
Security Challenges ◽  
The World

Interconnected devices and the true ‘internet’ cause security challenges to organisations with critical legacy systems. This article discusses a number of legacy issues around Industrial Control Systems and ‘untouchable’ legacy devices and proposes a number of easy and effective mitigations to the practices that expose them to the world.

Patching our Critical Infrastructure

2013 ◽  
pp. 190-216 ◽  
Author(s):  
Konstantin Knorr
Keyword(s):  
Control Systems ◽  
Critical Infrastructure ◽  
Special Focus ◽  
Management Process ◽  
Industrial Control ◽  
Industrial Control Systems ◽  
Counter Measures ◽  
The Public ◽  
Security Standards ◽  
Active Measure

Worm epidemics such as Stuxnet and Conficker have raised great interest in the public and media lately and stressed the question of how our critical infrastructure can be protected against such attacks. Besides reactive measures like incident response, pro-active counter measures are required. Patch management is such an essential pro-active measure for the secure operation of our critical infrastructure. It is an indispensable activity which is required in many standards. This chapter focuses on patch and update management for industrial control systems that are part of our critical infrastructure. Standards for the automation of patch management and selected operational security standards are discussed in the context of patch management. The main contribution of the chapter is the definition and description of a standard conform patch management process for industrial control systems with special focus on the interaction between operator and vendor of such systems.

scholarly journals Decomposition and sequential-AND analysis of known cyber-attacks on critical infrastructure control systems

2020 ◽  
Vol 6 (1) ◽  
Author(s):  
Peter Maynard ◽  
Kieran McLaughlin ◽  
Sakir Sezer
Keyword(s):  
Control Systems ◽  
Critical Infrastructure ◽  
Cyber Attacks ◽  
Industrial Control ◽  
Comprehensive Overview ◽  
Industrial Control Systems ◽  
Attack Trees ◽  
Incident Reports ◽  
Detection Strategies ◽  
Cyber Kill Chain

Abstract We perform a detailed survey and analysis of the most significant attacks, which have targeted industrial control systems over the past decade, based on detailed incident reports from scientific and non-traditional resources. This work is the first that considers together a comprehensive set of real-world cyber-attacks with the purpose of deriving a set of common features focusing particularly on the process control network. Each attack is decomposed to provide a comprehensive overview followed by a discussion of the commonalities identified across attacks. To achieve this, each attack is modelled using Attack Trees with Sequential AND, and mapped to the industrial control system Cyber Kill Chain. We focus on the methods of intrusion rather than the identification of actors. This article can be read in two parts: first, an analysis of each attack, and secondly a discussion of the derived commonalities. The resulting commonalities can be used to develop improved detection strategies to detect modern adversarial techniques and tactics.

scholarly journals PROBLEMS OF PROTECTION OF CRITICALLY IMPORTANT INFRASTRUCTURE OBJECTS

2020 ◽  
pp. 31-39
Author(s):  
Natalia Lukova-Chuiko ◽  
Volodymyr Nakonechny ◽  
Serhiy Tolyupa ◽  
Ruslana Zyubina
Keyword(s):  
Control Systems ◽  
Critical Infrastructure ◽  
Third Party ◽  
National Strategy ◽  
The European Union ◽  
Rapid Progress ◽  
Close Attention ◽  
Industrial Control ◽  
Industrial Control Systems ◽  
The One

The paper deals with topical issues related to the protection of critical infrastructure, which depend on the survival of the human community. It is shown that rapid progress in the field of information technology, on the one hand, allows the modern economies of many countries to become inextricably interconnected; interfering with the work of critical infrastructure. The analysis of what are the true causes of such close attention to such objects by cyber terrorists. Top 10 major threats to industrial control systems are presented. The following steps determine the criticality of the infrastructure objects. The following is a list of 11 critical sectors and 37 relevant sub-sectors identified by the European Union. The answer is given to the question with which target countries should develop national strategies for the protection of critical infrastructure objects. A strategy for quantifying the level of security of critical infrastructure against the risk of third-party cybernetic exposure is proposed. The necessity to unite different elements of protection of critical infrastructure objects by states is substantiated. It is important that cybersecurity policies should be central to the protection of critical infrastructure. It is noted that not all national cybersecurity strategies provide the same place and relevance for critical infrastructure. It is noted that when developing a national strategy for the protection of critical infrastructure, it is important to compile a comprehensive list of all relevant national policies. It is concluded that today it is an important tool for the protection of critical infrastructure

Sign in / Sign up

Export Citation Format

Share Document