Application Perspective on Cybersecurity Testbed for Industrial Control Systems

Sensors ◽  
2021 ◽  
Vol 21 (23) ◽  
pp. 8119
Author(s):  
Ondrej Pospisil ◽  
Petr Blazek ◽  
Karel Kuchar ◽  
Radek Fujdiak ◽  
Jiri Misurec

In recent years, the Industry 4.0 paradigm has accelerated the digitalization process of the industry, and it slowly diminishes the line between information technologies (IT) and operational technologies (OT). Among the advantages, this brings up the convergence issue between IT and OT, especially in the cybersecurity-related topics, including new attack vectors, threats, security imperfections, and much more. This cause raised new topics for methods focused on protecting the industrial infrastructure, including monitoring and detection systems, which should help overcome these new challenges. However, those methods require high quality and a large number of datasets with different conditions to adapt to the specific systems effectively. Unfortunately, revealing field factory setups and infrastructure would be costly and challenging due to the privacy and sensitivity causes. From the lack of data emerges the new topic of industrial testbeds, including sub-real physical laboratory environments, virtual factories, honeynets, honeypots, and other areas, which helps to deliver sufficient datasets for mentioned research and development. This paper summarizes related works in the area of industrial testbeds. Moreover, it describes best practices and lessons learned for assembling physical, simulated, virtual, and hybrid testbeds. Additionally, a comparison of the essential parameters of those testbeds is presented. Finally, the findings and provided information reveal research and development challenges, which must be surpassed.

2018 ◽  
Vol 14 (8) ◽  
pp. 155014771879461 ◽  
Author(s):  
Yan Hu ◽  
An Yang ◽  
Hong Li ◽  
Yuyan Sun ◽  
Limin Sun

The modern industrial control systems now exhibit an increasing connectivity to the corporate Internet technology networks so as to make full use of the rich resource on the Internet. The increasing interaction between industrial control systems and the outside Internet world, however, has made them an attractive target for a variety of cyber attacks, raising a great need to secure industrial control systems. Intrusion detection technology is one of the most important security precautions for industrial control systems. It can effectively detect potential attacks against industrial control systems. In this survey, we elaborate on the characteristics and the new security requirements of industrial control systems. After that, we present a new taxonomy of intrusion detection systems for industrial control systems based on different techniques: protocol analysis based, traffic mining based, and control process analysis based. In addition, we analyze the advantages and disadvantages of different categories of intrusion detection systems and discuss some future developments of intrusion detection systems for industrial control systems, in order to promote further research on intrusion detection technology for industrial control systems.


2020 ◽  
Vol 12 (2) ◽  
pp. 45-61
Author(s):  
Adriano Borrego ◽  
Adilson Eduardo Guelfi ◽  
Anderson Aparecido Alves da Silva ◽  
Marcelo Teixeira de Azevedo ◽  
Norisvaldo Ferraz Jr ◽  
...  

Industrial Control Systems (ICS) networks offer a high level of automation combined with high levels of control, quality, and process improvement. Since network corporate users have to access the ICS environment, these networks have to be interconnected. However, this interconnection can introduce risks to the systems and manufacturing processes, which leads to the need to ensure the interconnection is done safely. The objective of this paper is to perform modeling and validation of a proposed secure interconnection between ICS and corporate networks using Colored Petri Networks (CPN). In addition to the best practices published in related works, this paper recommends some integrated features like the use of terminal server service, secure manual uplinks, and unidirectional security gateway to enhance environmental security. However, our main contribution is the validation process performed in a CPN, which made it possible to execute queries in the state space resulting from the simulation - that works as a proof of concept. As a result, the paper presents a secure and validated model of interconnection between ICS and corporate networks, capable of being applied to any interconnection environment.


Information ◽  
2020 ◽  
Vol 11 (11) ◽  
pp. 533
Author(s):  
Tiago Espinha Gasiba ◽  
Ulrike Lechner ◽  
Maria Pinto-Albuquerque

Cybersecurity vulnerabilities in industrial control systems have been steadily increasing over the last few years. One possible way to address this issue is through raising the awareness (through education) of software developers, with the intent to increase software quality and reduce the number of vulnerabilities. CyberSecurity Challenges (CSCs) are a novel serious game genre that aims to raise industrial software developers’ awareness of secure coding, secure coding guidelines, and secure coding best practices. An important industry-specific requirement to consider in designing these kinds of games is related to the whole event’s duration and how much time it takes to solve each challenge individually—the challenge solve time. In this work, we present two different methods to compute the challenge solve time: one method based on data collected from the CSC dashboard and another method based on a challenge heartbeat. The results obtained by both methods are presented; both methods are compared to each other, and the advantages and limitations of each method are discussed. Furthermore, we introduce the notion of a player profile, which is derived from dashboard data. Our results and contributions aim to establish a method to measure the challenge solve time, inform the design of future challenges, and improve coaching during CSC gameplay.


2017 ◽  
Vol 139 (03) ◽  
pp. S13-S17 ◽  
Author(s):  
Anastasis Keliris ◽  
Michail Maniatakos

This article discusses a comprehensive methodology for designing an Advanced Persistent Threat (APT), which is a stealthy and continuous type of cyberattack with a high level of sophistication suitable for the complex environment of Industrial Control Systems (ICS). The article also explains defensive strategies that can assist in thwarting cyberattacks. The APT design process begins with Reconnaissance, which is continuously undertaken throughout the lifetime of a cyberattack campaign. With regard to securing the network infrastructure of an ICS, best practices for network security should be enforced. These could include the use of firewalls, Intrusion Detection or Prevention Systems (IDS/IPS), and network separation between corporate and field networks. A new field of research for securing ICS relates to process-aware defense mechanisms. These mechanisms analyze information directly from the field and try to detect anomalies specific to the physical characteristics of an ICS process.


Engineering ◽  
2021 ◽  
Vol 13 (01) ◽  
pp. 30-44
Author(s):  
Raogo Kabore ◽  
Adlès Kouassi ◽  
Rodrigue N’goran ◽  
Olivier Asseu ◽  
Yvon Kermarrec ◽  
...  

2021 ◽  
Vol 7 (1) ◽  
Author(s):  
Eirini Anthi ◽  
Lowri Williams ◽  
Pete Burnap ◽  
Kevin Jones

This article presents three-tiered intrusion detection systems, which uses a supervised approach to detect cyber-attacks in industrial control systems networks. The proposed approach does not only aim to identify malicious packets on the network but also attempts to identify the general and finer grain attack type occurring on the network. This is key in the industrial control systems environment as the ability to identify exact attack types will lead to an increased response rate to the incident and the defence of the infrastructure. More specifically, the proposed system consists of three stages that aim to classify: (i) whether packets are malicious; (ii) the general attack type of malicious packets (e.g. Denial of Service); and (iii) finer-grained cyber-attacks (e.g. bad cyclic redundancy check, attack). The effectiveness of the proposed intrusion detection systems is evaluated on network data collected from a real industrial gas pipeline system. In addition, an insight is provided as to which features are most relevant in detecting such malicious behaviour. The performance of the system results in an F-measure of: (i) 87.4%, (ii) 74.5% and (iii) 41.2%, for each of the layers, respectively. This demonstrates that the proposed architecture can successfully distinguish whether network activity is malicious and detect which general attack was deployed.


Author(s):  
Matthew Canham ◽  
Stephen M. Fiore ◽  
Bruce D. Caulkins

Cyber-attacks are a common aspect of modern life. While cyber based attacks can expose private information or shut down online services, some of the most potentially dangerous attacks change the sensor and control data utilized by Industrial Control Systems for the intended purpose of causing severe damage to the technical processes that these systems control. The damage caused by the Stuxnet worm is one of the most infamous examples of this type of attack. Because only the most advanced levels of adversaries are able to mount successful attacks against these systems, detecting them is extremely challenging. Automated detection systems have not yet evolved to the point of being capable of consistently and successfully detecting these attacks, and for this reason, human operators will need to be involved in Industrial Control Systems protection for the foreseeable future. We propose several potential training-based solutions to aid the defense of these systems.

