Cybersecurity Challenges in Industry: Measuring the Challenge Solve Time to Inform Future Challenges

Cybersecurity vulnerabilities in industrial control systems have been steadily increasing over the last few years. One possible way to address this issue is through raising the awareness (through education) of software developers, with the intent to increase software quality and reduce the number of vulnerabilities. CyberSecurity Challenges (CSCs) are a novel serious game genre that aims to raise industrial software developers’ awareness of secure coding, secure coding guidelines, and secure coding best practices. An important industry-specific requirement to consider in designing these kinds of games is related to the whole event’s duration and how much time it takes to solve each challenge individually—the challenge solve time. In this work, we present two different methods to compute the challenge solve time: one method based on data collected from the CSC dashboard and another method based on a challenge heartbeat. The results obtained by both methods are presented; both methods are compared to each other, and the advantages and limitations of each method are discussed. Furthermore, we introduce the notion of a player profile, which is derived from dashboard data. Our results and contributions aim to establish a method to measure the challenge solve time, inform the design of future challenges, and improve coaching during CSC gameplay.

Download Full-text

Sifu - a cybersecurity awareness platform with challenge assessment and intelligent coach

Cybersecurity ◽

10.1186/s42400-020-00064-4 ◽

2020 ◽

Vol 3 (1) ◽

Author(s):

Tiago Espinha Gasiba ◽

Ulrike Lechner ◽

Maria Pinto-Albuquerque

Keyword(s):

Real Life ◽

Critical Infrastructures ◽

Automatic Assessment ◽

Software Developers ◽

Software Vulnerabilities ◽

Secure Coding ◽

Industrial Software ◽

Industrial Standards ◽

Coding Guidelines ◽

Industrial Context

AbstractSoftware vulnerabilities, when actively exploited by malicious parties, can lead to catastrophic consequences. Proper handling of software vulnerabilities is essential in the industrial context, particularly when the software is deployed in critical infrastructures. Therefore, several industrial standards mandate secure coding guidelines and industrial software developers’ training, as software quality is a significant contributor to secure software. CyberSecurity Challenges (CSC) form a method that combines serious game techniques with cybersecurity and secure coding guidelines to raise secure coding awareness of software developers in the industry. These cybersecurity awareness events have been used with success in industrial environments. However, until now, these coached events took place on-site. In the present work, we briefly introduce cybersecurity challenges and propose a novel platform that allows these events to take place online. The introduced cybersecurity awareness platform, which the authors call Sifu, performs automatic assessment of challenges in compliance to secure coding guidelines, and uses an artificial intelligence method to provide players with solution-guiding hints. Furthermore, due to its characteristics, the Sifu platform allows for remote (online) learning, in times of social distancing. The CyberSecurity Challenges events based on the Sifu platform were evaluated during four online real-life CSC events. We report on three surveys showing that the Sifu platform’s CSC events are adequate to raise industry software developers awareness on secure coding.

Download Full-text

Survey on international standards and best practices for patch management of complex industrial control systems: the critical infrastructure of particle accelerators case study

International Journal of Critical Computer-Based Systems ◽

10.1504/ijccbs.2019.098812 ◽

2019 ◽

Vol 9 (1/2) ◽

pp. 115

Author(s):

Ugo Gentile ◽

Luigi Serio

Keyword(s):

Best Practices ◽

Control Systems ◽

Critical Infrastructure ◽

International Standards ◽

Particle Accelerators ◽

Industrial Control ◽

Industrial Control Systems

Download Full-text

MODELING AND VALIDATING A SECURE INTERCONNECTION BETWEEN INDUSTRIAL CONTROL SYSTEM AND CORPORATE NETWORK USING COLORED PETRI NET

Colloquium Exactarum ◽

10.5747/ce.2020.v12.n2.e318 ◽

2020 ◽

Vol 12 (2) ◽

pp. 45-61

Author(s):

Adriano Borrego ◽

Adilson Eduardo Guelfi ◽

Anderson Aparecido Alves da Silva ◽

Marcelo Teixeira de Azevedo ◽

Norisvaldo Ferraz Jr ◽

...

Keyword(s):

Best Practices ◽

Control Systems ◽

Process Improvement ◽

Proof Of Concept ◽

Industrial Control ◽

Industrial Control Systems ◽

Corporate Networks ◽

Level Of Automation ◽

Corporate Network ◽

High Level

Industrial Control Systems (ICS) networks offer a high level of automation combined with high levels of control, quality,and process improvement. Since network corporate users have to access the ICS environment, these networks have to be interconnected. However, this interconnection can introduce risks to the systems and manufacturing processes, which leads to the need to ensure the interconnection is done safely. The objective of this paper is to perform modeling and validation of a proposed secure interconnection between ICS and corporate networks using Colored Petri Networks (CPN). In addition to the best practices published in related works, this paper recommends some integrated features like the use of terminal server service, secure manual uplinks, and unidirectional security gatewayto enhance environmental security. However, our main contribution is the validation process performed in a CPN, which made it possible to execute queries in the state space resulting from the simulation -that works as a proof of concept. As a result, thepaper presents a secure and validated model of interconnection between ICS and corporate networks, capable of being applied to any interconnection environment

Download Full-text

Application Perspective on Cybersecurity Testbed for Industrial Control Systems

Sensors ◽

10.3390/s21238119 ◽

2021 ◽

Vol 21 (23) ◽

pp. 8119

Author(s):

Ondrej Pospisil ◽

Petr Blazek ◽

Karel Kuchar ◽

Radek Fujdiak ◽

Jiri Misurec

Keyword(s):

Best Practices ◽

Research And Development ◽

Control Systems ◽

Information Technologies ◽

Lessons Learned ◽

Industrial Control ◽

Industrial Control Systems ◽

Detection Systems ◽

Physical Laboratory ◽

New Challenges

In recent years, the Industry 4.0 paradigm has accelerated the digitalization process of the industry, and it slowly diminishes the line between information technologies (IT) and operational technologies (OT). Among the advantages, this brings up the convergence issue between IT and OT, especially in the cybersecurity-related topics, including new attack vectors, threats, security imperfections, and much more. This cause raised new topics for methods focused on protecting the industrial infrastructure, including monitoring and detection systems, which should help overcome these new challenges. However, those methods require high quality and a large number of datasets with different conditions to adapt to the specific systems effectively. Unfortunately, revealing field factory setups and infrastructure would be costly and challenging due to the privacy and sensitivity causes. From the lack of data emerges the new topic of industrial testbeds, including sub-real physical laboratory environments, virtual factories, honeynets, honeypots, and other areas, which helps to deliver sufficient datasets for mentioned research and development. This paper summarizes related works in the area of industrial testbeds. Moreover, it describes best practices and lessons learned for assembling physical, simulated, virtual, and hybrid testbeds. Additionally, a comparison of the essential parameters of those testbeds is presented. Finally, the findings and provided information reveal research and development challenges, which must be surpassed.

Download Full-text

Demystifying Advanced Persistent Threats for Industrial Control Systems

Mechanical Engineering ◽

10.1115/1.2017-mar-6 ◽

2017 ◽

Vol 139 (03) ◽

pp. S13-S17 ◽

Cited By ~ 1

Author(s):

Anastasis Keliris ◽

Michail Maniatakos

Keyword(s):

Best Practices ◽

Control Systems ◽

Defense Mechanisms ◽

Industrial Control ◽

Industrial Control Systems ◽

Advanced Persistent Threat ◽

Continuous Type ◽

Defensive Strategies ◽

Advanced Persistent Threats ◽

High Level

This article discusses a comprehensive methodology for designing an Advanced Persistent Threat (APT), which is a stealthy and continuous type of cyberattack with a high level of sophistication suitable for the complex environment of Industrial Control Systems (ICS). The article also explains defensive strategies that can assist in thwarting cyberattacks. The APT design process begins with Reconnaissance, which is continuously undertaken throughout the lifetime of a cyberattack campaign. With regard to securing the network infrastructure of an ICS, best practices for network security should be enforced. These could include the use of firewalls, Intrusion Detection or Prevention Systems (IDS/IPS), and network separation between corporate and field networks. A new field of research for securing ICS relates to process-aware defense mechanisms. These mechanisms analyze information directly from the field and try to detect anomalies specific to the physical characteristics of an ICS process.

Download Full-text