scholarly journals Risk Assessment For Industrial Control Systems Quantifying Availability Using Mean Failure Cost (MFC)

2015 ◽  
Vol 5 (3) ◽  
pp. 205-220 ◽  
Author(s):  
Qian Chen ◽  
Robert K. Abercrombie ◽  
Frederick T. Sheldon
Keyword(s):  
Risk Assessment ◽  
Control Systems ◽  
Durable Goods ◽  
Security Risk ◽  
Industrial Control ◽  
Industrial Control Systems ◽  
External Threats ◽  
Scada Systems ◽  
Food And Beverage ◽  
Failure Cost

Abstract 1 Industrial Control Systems (ICS) are commonly used in industries such as oil and natural gas, transportation, electric, water and wastewater, chemical, pharmaceutical, pulp and paper, food and beverage, as well as discrete manufacturing (e.g., automotive, aerospace, and durable goods.) SCADA systems are generally used to control dispersed assets using centralized data acquisition and supervisory control. Originally, ICS implementations were susceptible primarily to local threats because most of their components were located in physically secure areas (i.e., ICS components were not connected to IT networks or systems). The trend toward integrating ICS systems with IT networks (e.g., efficiency and the Internet of Things) provides significantly less isolation for ICS from the outside world thus creating greater risk due to external threats. Albeit, the availability of ICS/SCADA systems is critical to assuring safety, security and profitability. Such systems form the backbone of our national cyber-physical infrastructure. Herein, we extend the concept of mean failure cost (MFC) to address quantifying availability to harmonize well with ICS security risk assessment. This new measure is based on the classic formulation of Availability combined with Mean Failure Cost (MFC). The metric offers a computational basis to estimate the availability of a system in terms of the loss that each stakeholder stands to sustain as a result of security violations or breakdowns (e.g., deliberate malicious failures).

scholarly journals Specification of the Current State Vulnerabilities Related to Industrial Control Systems

2015 ◽  
Vol 11 (5) ◽  
pp. 64
Author(s):  
Jan Vávra ◽  
Martin Hromada ◽  
Roman Jašek
Keyword(s):  
Control System ◽  
Control Systems ◽  
Fundamental Question ◽  
Industrial Control System ◽  
Security Risk ◽  
Considerable Effort ◽  
Industrial Control ◽  
Industrial Control Systems ◽  
Current State ◽  
True Distribution

The contemporary trend of increasing connectivity, interoperability and efficiency of technologies, which are used in organizations, also affected Industrial Control System (further only ICS). The recently isolated system is becoming more dependent on interconnection with external technologies. This leads to a formation of new vulnerabilities, which are significant threats to ICS. For this reason, it is necessary to devote considerable effort to analyze vulnerabilities. Neglecting of this area could lead to damage or unavailability of ICS services. The purpose of the article is to evaluate vulnerabilities related to individual elements of ICS. The fundamental question of the article is to find a true distribution of security risk related to ICS.

scholarly journals Pandora’s Net

2015 ◽  
Vol 137 (01) ◽  
pp. 28-33
Author(s):  
Brittany Logan
Keyword(s):  
Control Systems ◽  
Supervisory Control ◽  
Soft Power ◽  
Critical Infrastructure ◽  
Industrial Processes ◽  
Computer Language ◽  
Physical Processes ◽  
Industrial Control ◽  
Industrial Control Systems ◽  
Scada Systems

This study analyses potential weaknesses of supervisory control and data acquisition (SCADA) systems and possible workarounds to safeguard the critical infrastructure. SCADA systems are the hardware and software that control and monitor infrastructure and industrial processes. In the world of energy, the industrial control systems monitoring the physical processes of machines are less tangible than the actual physical machines they control. One of the benefits of soft power is that it offers the ability to use coercive force and create confusion without using overt means. Disconnecting any unnecessary network connections and restricting personnel access to only essential programs will limit unwanted access to SCADA systems through backdoor networks. It has been recommended that the energy sector ought to implement back-up and defense-in-depth systems. The concept of a common computer language for SCADA has also been mentioned in the security community, but could come with challenges.

Challenges in Securing Industrial Control Systems Using Future Internet Technologies

2022 ◽  
pp. 561-586
Author(s):  
Mirjana D. Stojanović ◽  
Slavica V. Boštjančič Rakas
Keyword(s):  
Control Systems ◽  
Fog Computing ◽  
Future Internet ◽  
Future Research ◽  
Industrial Control ◽  
Industrial Control Systems ◽  
Internet Technologies ◽  
Scada Systems ◽  
Scada Networks ◽  
And Migration

This chapter explores challenges in securing industrial control systems (ICS) and Supervisory Control And Data Acquisition (SCADA) systems using Future Internet technologies. These technologies include cloud computing, fog computing, Industrial internet of things (IIoT), etc. The need to design specific security solutions for ICS/SCADA networks is explained. A brief overview of cyber vulnerabilities and threats in industrial control networks, cloud, and IoT environments is presented. The security of cloud-based SCADA systems is considered, including benefits and risks of SCADA migration to the cloud, challenges in securing such systems, and migration toward fog computing. Challenges in securing IIoT are addressed, including security risks and operational issues, key principles for securing IIoT, the functional security architecture, and the role of fog computing. Authors point out current standardization activities and trends in the area, and emphasize conclusions and future research directions.

Sign in / Sign up

Export Citation Format

Share Document