Limiting the Impact of Stealthy Attacks on Industrial Control Systems

Industrial control systems (ICS) are being used for surveillance and controlling numerous industrial process plants in national critical infrastructures. Supervisory control and data acquisition (SCADA) system is a core component in ICS systems for continuous monitoring and controlling these process plants. Legacy SCADA systems are working in isolated networks and using proprietary communication protocols which made them less exposed to cyber threats. In recent times, these ICS systems have been connected to Internet and corporate networks for data sharing and remote monitoring. They are also using open protocols and operating systems. This leads to vulnerabilities of the system to cyberattacks. Cybersecurity threats are more prevalent than ever in ICS systems. These attacks may be external or internal. Modbus is a widely deployed communication protocol for SCADA communications. There is no security in design of Modbus protocol, and it is vulnerable to numerous cyberattacks. In this paper, we worked for False Command Injection attack, False Access Injection attack, and replay attacks on Modbus protocol. Initially, a real-time SCADA testbed was set up, and we envisaged the impact of these attacks on Modbus protocol data using the testbed. In this work, we used local area network (LAN) environment only for simulating the attacks. We assumed that the attacks penetrated the LAN network. We proposed and developed (a) a method to detect replay attacks by incorporating time stamp and sequence number in Modbus communications and (b) a frame filtering module which will block unauthorized attacks like False Command Injection and False Access Injection attacks to reach programmable logic controller (PLC). Numbers of attacks were simulated and the performance of the method was measured using attack block rate (ABR). It blocked 97% of malicious Modbus transactions or attacks to reach the PLC. It protects SCADA systems from attackers, which is a core component of industrial control systems. The solution enhanced the security of SCADA systems with Modbus protocol.

Download Full-text

Measuring Impact of Cybersecurity on the Performance of Industrial Control Systems

Mechanical Engineering ◽

10.1115/1.2014-dec-5 ◽

2014 ◽

Vol 136 (12) ◽

pp. S4-S7 ◽

Cited By ~ 2

Author(s):

Keith Stouffer ◽

Rick Candell

Keyword(s):

Control Systems ◽

Power Plants ◽

Performance Metrics ◽

Industrial Process ◽

Transportation Systems ◽

Critical Infrastructures ◽

Industrial Control ◽

Industrial Control Systems ◽

Security Standards ◽

The Impact

This article examines the impact of cybersecurity on the performance of industrial control systems (ICS). Control systems are embedded in essentially all engineered systems, such as our cars, homes, offices, industrial plants, and in critical infrastructures such as power plants, water treatment plants, and transportation systems. To ensure the security of ICS, particularly for critical infrastructures, standards are being developed to ensure ICS cybersecurity. The NIST ICS cybersecurity testbed will be constructed to facilitate the measurement of industrial process performance for systems instrumented with cybersecurity technologies. This testbed will allow for validation of existing security standards and guidelines and will allow researchers to provide valuable feedback to the community on methods, practices, and pitfalls when applying a cybersecurity program to an ICS. Additional work will be required to identify new use cases and pertinent performance metrics. The testbed will provide an opportunity for collaboration between government, research institutions, and industry partners. Interested parties are encouraged to contact the authors directly to discuss opportunities for collaboration.

Download Full-text

Multi-Dimensional Data Fusion Intrusion Detection for Stealthy Attacks on Industrial Control Systems

2018 IEEE Global Communications Conference (GLOBECOM) ◽

10.1109/glocom.2018.8648131 ◽

2018 ◽

Author(s):

An Yang ◽

Xiaoshan Wang ◽

Yuyan Sun ◽

Yan Hu ◽

Zhiqiang Shi ◽

...

Keyword(s):

Intrusion Detection ◽

Data Fusion ◽

Control Systems ◽

Industrial Control ◽

Industrial Control Systems ◽

Stealthy Attacks

Download Full-text

SCIPS

International Journal of Cyber Warfare and Terrorism ◽

10.4018/ijcwt.2017040101 ◽

2017 ◽

Vol 7 (2) ◽

pp. 1-15 ◽

Cited By ~ 2

Author(s):

Allan Cook ◽

Richard G Smith ◽

Leandros Maglaras ◽

Helge Janicke

Keyword(s):

Control Systems ◽

Cyber Security ◽

Senior Executives ◽

Security Issue ◽

Industrial Control ◽

Industrial Control Systems ◽

Security Issues ◽

Awareness Campaigns ◽

Education And Awareness ◽

The Impact

The cyber threat to industrial control systems is an acknowledged security issue, but a qualified dataset to quantify the risk remains largely unavailable. Senior executives of facilities that operate these systems face competing requirements for investment budgets, but without an understanding of the nature of the threat, cyber security may not be a high priority. Education and awareness campaigns are established methods of raising the profile of security issues with stakeholders, but traditional techniques typically deliver generic messages to wide audiences, rather than tailoring the communications to those who understand the impact of organisational risks. This paper explores the use of experiential learning through serious games for senior executives, to develop mental models within which participants can frame the nature of the threat, thereby raising their cyber security awareness, and increasing their motivation to address the issue.

Download Full-text

Detecting and Handling Cyber-Attacks in Model Predictive Control of Chemical Processes

Mathematics ◽

10.3390/math6100173 ◽

2018 ◽

Vol 6 (10) ◽

pp. 173 ◽

Cited By ~ 14

Author(s):

Zhe Wu ◽

Fahad Albalawi ◽

Junfeng Zhang ◽

Zhihao Zhang ◽

Helen Durand ◽

...

Keyword(s):

Control Systems ◽

Predictive Control ◽

Chemical Processes ◽

Cyber Attacks ◽

Safe Operation ◽

Industrial Control ◽

Industrial Control Systems ◽

Predictive Controller ◽

Communication Control ◽

The Impact

Since industrial control systems are usually integrated with numerous physical devices, the security of control systems plays an important role in safe operation of industrial chemical processes. However, due to the use of a large number of control actuators and measurement sensors and the increasing use of wireless communication, control systems are becoming increasingly vulnerable to cyber-attacks, which may spread rapidly and may cause severe industrial incidents. To mitigate the impact of cyber-attacks in chemical processes, this work integrates a neural network (NN)-based detection method and a Lyapunov-based model predictive controller for a class of nonlinear systems. A chemical process example is used to illustrate the application of the proposed NN-based detection and LMPC methods to handle cyber-attacks.

Download Full-text