scholarly journals Methodology for Management of Information Security in Industrial Control Systems: A Proof of Concept aligned with Enterprise Objectives

2017 ◽  
Vol 2 (3) ◽  
pp. 88-99 ◽  
Author(s):  
Fabian Bustamante ◽  
Walter Fuertes ◽  
Paul Diaz ◽  
Theofilos Toulqueridis
Keyword(s):  
Information Security ◽  
Control Systems ◽  
Proof Of Concept ◽  
Industrial Control ◽  
Industrial Control Systems

Systematization of industrial control systems information security threats

2021 ◽  
Author(s):  
Julia Kuznetsova ◽  
Konstantin Sakharov ◽  
Igor Salov ◽  
Vladislav Kemkin ◽  
Boris Doroshenko ◽  
...  
Keyword(s):  
Information Security ◽  
Control Systems ◽  
Security Threats ◽  
Industrial Control ◽  
Industrial Control Systems

ENISA Study

2013 ◽  
pp. 105-143
Author(s):  
Rafal Leszczyna ◽  
Elyoenai Egozcue
Keyword(s):  
Information Security ◽  
Control Systems ◽  
Current View ◽  
Final Report ◽  
European Network ◽  
Industrial Control ◽  
Industrial Control Systems ◽  
International Context ◽  
Research Survey

In 2011, the European Network and Information Security Agency (ENISA) conducted a study in the domain of Industrial Control Systems (ICS). Its objective was to obtain the current view on the ICS protection primarily in Europe but also in the international context. The ‘portrait’ included threats, risks, and challenges in the area of ICS protection as well as national, pan European, and international initiatives on ICS security. The study was performed through desktop research, survey and interviews, and a meeting with all involved stakeholders. This chapter highlights the most relevant parts of the final report of the study. It focuses on the challenges to securing ICS identified during the research, but also presents the context and the methodology of the study. In response to the challenges, the seven recommendations of ENISA for protecting ICS are proposed.

Information Security Evaluation of the Key Equipment in Industrial Control Systems

2013 ◽  
Vol 336-338 ◽  
pp. 1640-1644
Author(s):  
Zhi Gang Zhang ◽  
Zhuo Lv ◽  
Shuang Xia Niu
Keyword(s):  
Control System ◽  
Information Security ◽  
Control Systems ◽  
Research Program ◽  
System Level ◽  
Security Evaluation ◽  
Industrial Control System ◽  
Industrial Control ◽  
Security Risks ◽  
Industrial Control Systems

This paper analyzes the information security risks faced by the industrial control systems, Propose the Information Security Evaluation on industrial control system based on the level protection assessment technology, The development of industrial control system from the device level , field-level and system-level three levels of information security evaluation, propose the next step in the research program.

scholarly journals MODELING AND VALIDATING A SECURE INTERCONNECTION BETWEEN INDUSTRIAL CONTROL SYSTEM AND CORPORATE NETWORK USING COLORED PETRI NET

2020 ◽  
Vol 12 (2) ◽  
pp. 45-61
Author(s):  
Adriano Borrego ◽  
Adilson Eduardo Guelfi ◽  
Anderson Aparecido Alves da Silva ◽  
Marcelo Teixeira de Azevedo ◽  
Norisvaldo Ferraz Jr ◽  
...  
Keyword(s):  
Best Practices ◽  
Control Systems ◽  
Process Improvement ◽  
Proof Of Concept ◽  
Industrial Control ◽  
Industrial Control Systems ◽  
Corporate Networks ◽  
Level Of Automation ◽  
Corporate Network ◽  
High Level

Industrial Control Systems (ICS) networks offer a high level of automation combined with high levels of control, quality,and process improvement. Since network corporate users have to access the ICS environment, these networks have to be interconnected. However, this interconnection can introduce risks to the systems and manufacturing processes, which leads to the need to ensure the interconnection is done safely. The objective of this paper is to perform modeling and validation of a proposed secure interconnection between ICS and corporate networks using Colored Petri Networks (CPN). In addition to the best practices published in related works, this paper recommends some integrated features like the use of terminal server service, secure manual uplinks, and unidirectional security gatewayto enhance environmental security. However, our main contribution is the validation process performed in a CPN, which made it possible to execute queries in the state space resulting from the simulation -that works as a proof of concept. As a result, thepaper presents a secure and validated model of interconnection between ICS and corporate networks, capable of being applied to any interconnection environment

scholarly journals A User-Friendly Verification Approach for IEC 61131-3 PLC Programs

Electronics ◽  
2020 ◽  
Vol 9 (4) ◽  
pp. 572 ◽  
Author(s):  
Jiawen Xiong ◽  
Gang Zhu ◽  
Yanhong Huang ◽  
Jianqi Shi
Keyword(s):  
Control Systems ◽  
Real Life ◽  
Programmable Logic ◽  
Proof Of Concept ◽  
Industrial Control ◽  
Industrial Control Systems ◽  
Specification Mining ◽  
Plc Program ◽  
User Friendly

Programmable logic controllers (PLCs) are special embedded computers that are widely used in industrial control systems. To ensure the safety of industrial control systems, it is necessary to verify the correctness of PLCs. Formal verification is considered to be an effective method to verify whether a PLC program conforms to its specifications, but the expertise requirements and the complexity make it hard to be mastered and widely applied. In this paper, we present a specification-mining-based verification approach for IEC 61131-3 PLC programs. It only requires users to review specifications mined from the program behaviors instead of model checking for specified specifications, which can greatly improve the efficiency of safety verification and is much easier for control system engineers to use. Moreover, we implement a proof-of-concept tool named PLCInspector that supports directly mining LTL specifications and data invariants from PLC programs. Two examples and one real-life case study are presented to illustrate its practicability and efficiency. In addition, a comparison with the existing verification approaches for PLC programs is discussed.

Sign in / Sign up

Export Citation Format

Share Document