Building a Cybersecurity Culture in the Industrial Control System Environment

Cybersecurity in industrial control system environments has become a significant concern and is even more relevant in the context of critical infrastructures where control system disruption could have a profound impact on health, safety and the environment. This makes this type of system a major target for malicious activities. Notwithstanding an organization’s interest in protecting its industrial control systems against cyber-attacks, the implementation of security measures, whether technical, organizational or human, still faces resistance and is often seen as a constraint. Using the best technology to protect industrial control systems makes no sense if persons with access do not act attentively and protectively. Technical and human cybersecurity measures are intrinsically linked, and it is essential that all persons with access to these systems are fully aware of the inherent cyber risks. Organizations must also act so that staff receive appropriate training on how to keep systems continuously protected against cyber-attack when carrying out their daily tasks. These educational processes can contribute to building an effective cybersecurity culture fully reflective of management and staff attitudes, so that the availability, integrity and confidentiality of information in industrial control systems can be assured.

Download Full-text

A review: towards practical attack taxonomy for industrial control systems

International Journal of Engineering & Technology ◽

10.14419/ijet.v7i2.14.12815 ◽

2018 ◽

Vol 7 (2.14) ◽

pp. 145 ◽

Cited By ~ 1

Author(s):

Qais Saif Qassim ◽

Norziana Jamil ◽

Razali Jidin ◽

Mohd Ezanee Rusli ◽

Md Nabil Ahmad Zawawi ◽

...

Keyword(s):

Control Systems ◽

Supervisory Control ◽

Cyber Attacks ◽

Critical Infrastructures ◽

Cyber Attack ◽

Industrial Control ◽

Industrial Control Systems ◽

Scada System ◽

Water Transportation ◽

Different Types

Supervisory Control and Data Acquisition (SCADA) system is the underlying control system of most national critical infrastructures such as power, energy, water, transportation and telecommunication. In order to understand the potential threats to these infrastructures and the mechanisms to protect them, different types of cyber-attacks applicable to these infrastructures need to be identified. Therefore, there is a significant need to have a comprehensive understanding of various types of cyber-attacks and its classification associated with both Opera-tion Technology (OT) and Information Technology (IT). This paper presents a comprehensive review of existing cyber-attack taxonomies available in the literature and evaluates these taxonomies based on defined criteria.

Download Full-text

Specification of the Current State Vulnerabilities Related to Industrial Control Systems

International Journal of Online Engineering (iJOE) ◽

10.3991/ijoe.v11i5.4981 ◽

2015 ◽

Vol 11 (5) ◽

pp. 64

Author(s):

Jan Vávra ◽

Martin Hromada ◽

Roman Jašek

Keyword(s):

Control System ◽

Control Systems ◽

Fundamental Question ◽

Industrial Control System ◽

Security Risk ◽

Considerable Effort ◽

Industrial Control ◽

Industrial Control Systems ◽

Current State ◽

True Distribution

The contemporary trend of increasing connectivity, interoperability and efficiency of technologies, which are used in organizations, also affected Industrial Control System (further only ICS). The recently isolated system is becoming more dependent on interconnection with external technologies. This leads to a formation of new vulnerabilities, which are significant threats to ICS. For this reason, it is necessary to devote considerable effort to analyze vulnerabilities. Neglecting of this area could lead to damage or unavailability of ICS services. The purpose of the article is to evaluate vulnerabilities related to individual elements of ICS. The fundamental question of the article is to find a true distribution of security risk related to ICS.

Download Full-text

Digital Forensic Analysis of Industrial Control Systems Using Sandboxing: A Case of WAMPAC Applications in the Power Systems

Energies ◽

10.3390/en12132598 ◽

2019 ◽

Vol 12 (13) ◽

pp. 2598

Author(s):

Asif Iqbal ◽

Farhan Mahmood ◽

Mathias Ekstedt

Keyword(s):

Power Systems ◽

Control Systems ◽

Forensic Analysis ◽

Cyber Attacks ◽

Power Grids ◽

Cyber Attack ◽

Industrial Control ◽

Industrial Control Systems ◽

Daubert Standard ◽

And Control

In today’s connected world, there is a tendency of connectivity even in the sectors which conventionally have been not so connected in the past, such as power systems substations. Substations have seen considerable digitalization of the grid hence, providing much more available insights than before. This has all been possible due to connectivity, digitalization and automation of the power grids. Interestingly, this also means that anybody can access such critical infrastructures from a remote location and gone are the days of physical barriers. The power of connectivity and control makes it a much more challenging task to protect critical industrial control systems. This capability comes at a price, in this case, increasing the risk of potential cyber threats to substations. With all such potential risks, it is important that they can be traced back and attributed to any potential threats to their roots. It is extremely important for a forensic investigation to get credible evidence of any cyber-attack as required by the Daubert standard. Hence, to be able to identify and capture digital artifacts as a result of different attacks, in this paper, the authors have implemented and improvised a forensic testbed by implementing a sandboxing technique in the context of real time-hardware-in-the-loop setup. Newer experiments have been added by emulating the cyber-attacks on WAMPAC applications, and collecting and analyzing captured artifacts. Further, using sandboxing for the first time in such a setup has proven helpful.

Download Full-text

Analysis of Cyber Threats in the Connection Section of the Control System and Countermeasures Required

Turkish Journal of Computer and Mathematics Education (TURCOMAT) ◽

10.17762/turcomat.v12i6.1831 ◽

2021 ◽

Vol 12 (6) ◽

pp. 412-417

Author(s):

Yangha Chun

Keyword(s):

Control System ◽

Control Systems ◽

Real Life ◽

Information Storage ◽

Control Network ◽

Security Measures ◽

Industrial Control ◽

Industrial Control Systems ◽

Cyber Threats ◽

Cyber Threat

In the past, the general practice for the control system network that manages and controls industrial facilities such as electric power, gas, oil, water, chemicals, automobiles, etc. was to install and operate this as an independent system, but over time the practice has gradually shifted toward the use of an open and standardized system. Until recently, most industrial control systems consisted of an independent network, and the possibility of cyber threat infringement was very low. As information storage media such as laptops or USB are connected to the control system for maintenance or management purposes, the possibility of cyber infringement is increasing. When the use of the control system's operational information increases due to beingVinked with the internal business system network or the Internet, countermeasures against external cyber threats must be provided.This paper analyzes and organizes the cyber threat factors that exist in the linking section connected to the industrial control system and other networks, examining domestic and foreign incidents of hacking of control systems to identify the vulnerabilities and security measures for each scenario in the control system network linkage section. Through this analysis, a method is suggested for establishing a control network that secures both availability and security, which are important in the control system, as well as the safe relay system in the configuration of the linkage between the control network and the business network, while addressing the vulnerabilities in the structure due to long-term use of the control system.This study analyzes cyber threat factors and real-life examples of infringements with the aim of providing approaches that will ensure industrial control systems can be operated safely and the risk of cyber hacking threats that occur in connection with other networks can be managed, and suggesting cyber security measures for the control system connection sections.

Download Full-text

Analyzing the Impact of Cybersecurity on Monitoring and Control Systems in the Energy Sector

Energies ◽

10.3390/en15010218 ◽

2021 ◽

Vol 15 (1) ◽

pp. 218

Author(s):

Mohammed Alghassab

Keyword(s):

Control System ◽

Control Systems ◽

Cyber Security ◽

Energy Sector ◽

Industrial Control System ◽

Monitoring And Control ◽

Industrial Control ◽

Industrial Control Systems ◽

Monitoring And Control Systems ◽

And Control

Monitoring and control systems in the energy sector are specialized information structures that are not governed by the same information technology standards as the rest of the world’s information systems. Such industrial control systems are also used to handle important infrastructures, including smart grids, oil and gas facilities, nuclear power plants, water management systems, and so on. Industry equipment is handled by systems connected to the internet, either via wireless or cable connectivity, in the present digital age. Further, the system must work without fail, with the system’s availability rate being of paramount importance. Furthermore, to certify that the system is not subject to a cyber-attack, the entire system must be safeguarded against cyber security vulnerabilities, threats, and hazards. In addition, the article looks at and evaluates cyber security evaluations for industrial control systems, as well as their possible impact on the accessibility of industrial control system operations in the energy sector. This research work discovers that the hesitant fuzzy-based method of the Analytic Hierarchy Process (AHP) and the Technique for Order of Preference by Similarity to Ideal Solution (TOPSIS) is an operational procedure for estimating industrial control system cyber security assessments by understanding the numerous characteristics and their impacts on cyber security industrial control systems. The author evaluated the outputs of six distinct projects to determine the quality of the outcomes and their sensitivity. According to the results of the robustness analysis, alternative 1 shows the utmost effective cybersecurity project for the industrial control system. This research work will be a conclusive reference for highly secure and managed monitoring and control systems.

Download Full-text

Information Security Evaluation of the Key Equipment in Industrial Control Systems

Applied Mechanics and Materials ◽

10.4028/www.scientific.net/amm.336-338.1640 ◽

2013 ◽

Vol 336-338 ◽

pp. 1640-1644

Author(s):

Zhi Gang Zhang ◽

Zhuo Lv ◽

Shuang Xia Niu

Keyword(s):

Control System ◽

Information Security ◽

Control Systems ◽

Research Program ◽

System Level ◽

Security Evaluation ◽

Industrial Control System ◽

Industrial Control ◽

Security Risks ◽

Industrial Control Systems

This paper analyzes the information security risks faced by the industrial control systems, Propose the Information Security Evaluation on industrial control system based on the level protection assessment technology, The development of industrial control system from the device level , field-level and system-level three levels of information security evaluation, propose the next step in the research program.

Download Full-text

Cyber-Security for ICS/SCADA

Cyber Warfare and Terrorism ◽

10.4018/978-1-7998-2466-4.ch038 ◽

2020 ◽

pp. 613-630

Author(s):

Barend Pretorius ◽

Brett van Niekerk

Keyword(s):

South Africa ◽

Control System ◽

Control Systems ◽

Cyber Security ◽

Cyber Attacks ◽

Physical Damage ◽

Industrial Control ◽

Industrial Control Systems ◽

Nation States ◽

National Infrastructure

Industrial control systems (ICS) or supervisory, control, and data acquisition (SCADA) systems drive many key components of the national infrastructure. It makes these control systems targets for cyber-attacks by terrorists and nation-states who wish to damage their target economically and socially, and cyber-criminals who blackmail the companies operating the infrastructure. Despite the high risk of leaving these systems exposed, providing adequate cyber-security is often challenging. The Stuxnet worm illustrated how vulnerable control systems potentially are when it bypassed a number of security mechanisms to cause physical damage to an Iranian nuclear facility. The article focuses on ICS/SCADA in South Africa discussing the unique challenges and legislation relate to securing control system in the South Africa. A governance and security framework for overcoming these challenges are proposed.

Download Full-text

Research of Smart Gird Functional Safety Certification

Applied Mechanics and Materials ◽

10.4028/www.scientific.net/amm.263-266.3168 ◽

2012 ◽

Vol 263-266 ◽

pp. 3168-3173

Author(s):

Xiu Li Huang ◽

Tao Zhang ◽

Yuan Yuan Ma ◽

Yu Fei Wang ◽

Ye Hua

Keyword(s):

Control System ◽

Smart Grid ◽

Control Systems ◽

Evaluation Process ◽

Functional Safety ◽

Industrial Control System ◽

Industrial Control ◽

Industrial Control Systems ◽

Security Issues ◽

Safety Certification

With the increasing number of attacks against industrial control systems, functions security issues of the smart grid industrial control system gradually become the focus of research in the field of smart grid. This paper introduced smart grid industrial control systems threats which faced and incidents firstly, and analyzed the current situation of the functional safety certification, including certification bodies, certification tools and certification classes; Then, researched the smart grid industrial control system functional safety certification, gave the content of the smart grid industrial control system functional safety certification, and made the design of its hardware evaluation process; Finally, we discuss the research status of functional safety certification, and pointed out the problems that the smart grid industrial control system functional safety faces.

Download Full-text

Cyber-Attacks on Remote State Estimation in Industrial Control System: A Game-Based Framework

Information Security and Cryptology - Lecture Notes in Computer Science ◽

10.1007/978-3-319-54705-3_27 ◽

2017 ◽

pp. 431-450 ◽

Cited By ~ 1

Author(s):

Cong Chen ◽

Dongdai Lin

Keyword(s):

Control System ◽

State Estimation ◽

Cyber Attacks ◽

Industrial Control System ◽

Industrial Control ◽

System A ◽

Remote State Estimation

Download Full-text

Situation awareness framework for industrial control system based on cyber kill chain

MATEC Web of Conferences ◽

10.1051/matecconf/202133602013 ◽

2021 ◽

Vol 336 ◽

pp. 02013

Author(s):

Yufei Wang ◽

Tengbiao Zhang ◽

Qian Ye

Keyword(s):

Control System ◽

Control Systems ◽

Situation Awareness ◽

Cyber Security ◽

Reference Architecture ◽

Industrial Control System ◽

Industrial Control ◽

Industrial Control Systems ◽

High Level ◽

Cyber Kill Chain

Information and cyber security of Industrial Control Systems (ICS) has gained considerable importance. Situation Awareness (SA) is an exciting mechanism to achieve the perception, comprehension and projection of the ICS information security status. Based on the Purdue Enterprise Reference Architecture (PERA), a situation awareness framework for ICS is presented considering the ICS cyber kill chain. The proposed framework consists of IT SA Centre, OT SA Centre, and Comprehensive SA Centre. Comprehensive SA Centre is responsible for creating and maintaining an integrated and high level of security visibility into the whole environments. The introduced framework can be used to guide the development of the situation awareness infrastructure in organization with industrial control systems.

Download Full-text