Challenges in Securing Industrial Control Systems Using Future Internet Technologies

2022 ◽  
pp. 561-586
Author(s):  
Mirjana D. Stojanović ◽  
Slavica V. Boštjančič Rakas
Keyword(s):  
Control Systems ◽  
Fog Computing ◽  
Future Internet ◽  
Future Research ◽  
Industrial Control ◽  
Industrial Control Systems ◽  
Internet Technologies ◽  
Scada Systems ◽  
Scada Networks ◽  
And Migration

This chapter explores challenges in securing industrial control systems (ICS) and Supervisory Control And Data Acquisition (SCADA) systems using Future Internet technologies. These technologies include cloud computing, fog computing, Industrial internet of things (IIoT), etc. The need to design specific security solutions for ICS/SCADA networks is explained. A brief overview of cyber vulnerabilities and threats in industrial control networks, cloud, and IoT environments is presented. The security of cloud-based SCADA systems is considered, including benefits and risks of SCADA migration to the cloud, challenges in securing such systems, and migration toward fog computing. Challenges in securing IIoT are addressed, including security risks and operational issues, key principles for securing IIoT, the functional security architecture, and the role of fog computing. Authors point out current standardization activities and trends in the area, and emphasize conclusions and future research directions.

Challenges in Securing Industrial Control Systems Using Future Internet Technologies

2020 ◽  
pp. 1-26
Author(s):  
Mirjana D. Stojanović ◽  
Slavica V. Boštjančič Rakas
Keyword(s):  
Control Systems ◽  
Fog Computing ◽  
Future Internet ◽  
Future Research ◽  
Industrial Control ◽  
Industrial Control Systems ◽  
Internet Technologies ◽  
Scada Systems ◽  
Scada Networks ◽  
And Migration

This chapter explores challenges in securing industrial control systems (ICS) and Supervisory Control And Data Acquisition (SCADA) systems using Future Internet technologies. These technologies include cloud computing, fog computing, Industrial internet of things (IIoT), etc. The need to design specific security solutions for ICS/SCADA networks is explained. A brief overview of cyber vulnerabilities and threats in industrial control networks, cloud, and IoT environments is presented. The security of cloud-based SCADA systems is considered, including benefits and risks of SCADA migration to the cloud, challenges in securing such systems, and migration toward fog computing. Challenges in securing IIoT are addressed, including security risks and operational issues, key principles for securing IIoT, the functional security architecture, and the role of fog computing. Authors point out current standardization activities and trends in the area, and emphasize conclusions and future research directions.

scholarly journals Pandora’s Net

2015 ◽  
Vol 137 (01) ◽  
pp. 28-33
Author(s):  
Brittany Logan
Keyword(s):  
Control Systems ◽  
Supervisory Control ◽  
Soft Power ◽  
Critical Infrastructure ◽  
Industrial Processes ◽  
Computer Language ◽  
Physical Processes ◽  
Industrial Control ◽  
Industrial Control Systems ◽  
Scada Systems

This study analyses potential weaknesses of supervisory control and data acquisition (SCADA) systems and possible workarounds to safeguard the critical infrastructure. SCADA systems are the hardware and software that control and monitor infrastructure and industrial processes. In the world of energy, the industrial control systems monitoring the physical processes of machines are less tangible than the actual physical machines they control. One of the benefits of soft power is that it offers the ability to use coercive force and create confusion without using overt means. Disconnecting any unnecessary network connections and restricting personnel access to only essential programs will limit unwanted access to SCADA systems through backdoor networks. It has been recommended that the energy sector ought to implement back-up and defense-in-depth systems. The concept of a common computer language for SCADA has also been mentioned in the security community, but could come with challenges.

scholarly journals Towards Real-Time Assessment of Industrial Control Systems (ICSs): A Framework for Future Research

2013 ◽  
Author(s):  
William P. Knowles ◽  
Daniel E Prince ◽  
David Hutchison ◽  
Jules Ferdinand Pagna Disso ◽  
Kevin Jones
Keyword(s):  
Control Systems ◽  
Real Time ◽  
Future Research ◽  
Industrial Control ◽  
Industrial Control Systems ◽  
Time Assessment

scholarly journals Soft Computing Techniques and Their Applications in Intel-ligent Industrial Control Systems: A Survey

2021 ◽  
Vol 16 (1) ◽  
Author(s):  
Zheng Wu ◽  
Huchang Liao ◽  
Keyu Lu ◽  
Edmundas Kazimieras Zavadskas
Keyword(s):  
Control Systems ◽  
Soft Computing ◽  
Information Acquisition ◽  
System Optimization ◽  
Computing Methods ◽  
Human Cognition ◽  
Future Research ◽  
Industrial Control ◽  
Industrial Control Systems ◽  
Soft Computing Techniques

Soft computing involves a series of methods that are compatible with imprecise information and complex human cognition. In the face of industrial control problems, soft computing techniques show strong intelligence, robustness and cost-effectiveness. This study dedicates to providing a survey on soft computing techniques and their applications in industrial control systems. The methodologies of soft computing are mainly classified in terms of fuzzy logic, neural computing, and genetic algorithms. The challenges surrounding modern industrial control systems are summarized based on the difficulties in information acquisition, the difficulties in modeling control rules, the difficulties in control system optimization, and the requirements for robustness. Then, this study reviews soft-computing-related achievements that have been developed to tackle these challenges. Afterwards, we present a retrospect of practical industrial control applications in the fields including transportation, intelligent machines, process industry as well as energy engineering. Finally, future research directions are discussed from different perspectives. This study demonstrates that soft computing methods can endow industry control processes with many merits, thus having great application potential. It is hoped that this survey can serve as a reference and provide convenience for scholars and practitioners in the fields of industrial control and computer science.

scholarly journals Position Paper: On Using Trusted Execution Environment to Secure COTS Devices for Accessing Industrial Control Systems

2021 ◽  
Author(s):  
Quanqi Ye ◽  
Heng Chuan Tan ◽  
Daisuke Mashima ◽  
Binbin Chen ◽  
Zbigniew Kalbarczyk
Keyword(s):  
Control Systems ◽  
Position Paper ◽  
Future Research ◽  
Industrial Control ◽  
Industrial Control Systems ◽  
It Systems ◽  
System Maintenance ◽  
Execution Environment ◽  
Commercial Off The Shelf ◽  
Trusted Execution Environment

Industrial Control Systems (ICS) are traditionally designed to operate in an "air-gapped" environment. With the advent of digital technologies, many ICS are adopting IT solutions to improve interoperability and operational efficiency. Thus, the air-gap assumption no longer holds in practice. Most ICS devices today are modernized with networking capabilities to facilitate system maintenance, upgrades, and troubleshooting. Since these devices are connected to the Internet, ICS networks face the same security threats as regular IT systems. In addition, ICS operators can connect commercial off-the-shelf (COTS) equipment to ICS networks to perform operational tasks. Those COTS devices are usually personal computers or even mobile devices, which can be infected with malware and become weapons against ICS. In this position paper, we examine the design challenges of establishing trust between COTS equipment and ICS. We also present some commonly used security solutions and discuss their deployment challenges due to issues caused by legacy systems. Finally, we introduce the Trusted Execution Environment (TEE), a technology commonly available on modern COTS devices, as a trust anchor for establishing secure communications with the ICS infrastructure. We discuss some research gaps related to the use of TEE and propose some recommendations to guide future research.

scholarly journals Risk Assessment For Industrial Control Systems Quantifying Availability Using Mean Failure Cost (MFC)

2015 ◽  
Vol 5 (3) ◽  
pp. 205-220 ◽  
Author(s):  
Qian Chen ◽  
Robert K. Abercrombie ◽  
Frederick T. Sheldon
Keyword(s):  
Risk Assessment ◽  
Control Systems ◽  
Durable Goods ◽  
Security Risk ◽  
Industrial Control ◽  
Industrial Control Systems ◽  
External Threats ◽  
Scada Systems ◽  
Food And Beverage ◽  
Failure Cost

Abstract 1 Industrial Control Systems (ICS) are commonly used in industries such as oil and natural gas, transportation, electric, water and wastewater, chemical, pharmaceutical, pulp and paper, food and beverage, as well as discrete manufacturing (e.g., automotive, aerospace, and durable goods.) SCADA systems are generally used to control dispersed assets using centralized data acquisition and supervisory control. Originally, ICS implementations were susceptible primarily to local threats because most of their components were located in physically secure areas (i.e., ICS components were not connected to IT networks or systems). The trend toward integrating ICS systems with IT networks (e.g., efficiency and the Internet of Things) provides significantly less isolation for ICS from the outside world thus creating greater risk due to external threats. Albeit, the availability of ICS/SCADA systems is critical to assuring safety, security and profitability. Such systems form the backbone of our national cyber-physical infrastructure. Herein, we extend the concept of mean failure cost (MFC) to address quantifying availability to harmonize well with ICS security risk assessment. This new measure is based on the classic formulation of Availability combined with Mean Failure Cost (MFC). The metric offers a computational basis to estimate the availability of a system in terms of the loss that each stakeholder stands to sustain as a result of security violations or breakdowns (e.g., deliberate malicious failures).

scholarly journals Detection and Blocking of Replay, False Command, and False Access Injection Commands in SCADA Systems with Modbus Protocol

2021 ◽  
Vol 2021 ◽  
pp. 1-15
Author(s):  
Rajesh L ◽  
Penke Satyanarayana
Keyword(s):  
Control Systems ◽  
Area Network ◽  
Core Component ◽  
Industrial Control ◽  
Industrial Control Systems ◽  
Modbus Protocol ◽  
Replay Attacks ◽  
Scada Systems ◽  
Process Plants ◽  
The Impact

Industrial control systems (ICS) are being used for surveillance and controlling numerous industrial process plants in national critical infrastructures. Supervisory control and data acquisition (SCADA) system is a core component in ICS systems for continuous monitoring and controlling these process plants. Legacy SCADA systems are working in isolated networks and using proprietary communication protocols which made them less exposed to cyber threats. In recent times, these ICS systems have been connected to Internet and corporate networks for data sharing and remote monitoring. They are also using open protocols and operating systems. This leads to vulnerabilities of the system to cyberattacks. Cybersecurity threats are more prevalent than ever in ICS systems. These attacks may be external or internal. Modbus is a widely deployed communication protocol for SCADA communications. There is no security in design of Modbus protocol, and it is vulnerable to numerous cyberattacks. In this paper, we worked for False Command Injection attack, False Access Injection attack, and replay attacks on Modbus protocol. Initially, a real-time SCADA testbed was set up, and we envisaged the impact of these attacks on Modbus protocol data using the testbed. In this work, we used local area network (LAN) environment only for simulating the attacks. We assumed that the attacks penetrated the LAN network. We proposed and developed (a) a method to detect replay attacks by incorporating time stamp and sequence number in Modbus communications and (b) a frame filtering module which will block unauthorized attacks like False Command Injection and False Access Injection attacks to reach programmable logic controller (PLC). Numbers of attacks were simulated and the performance of the method was measured using attack block rate (ABR). It blocked 97% of malicious Modbus transactions or attacks to reach the PLC. It protects SCADA systems from attackers, which is a core component of industrial control systems. The solution enhanced the security of SCADA systems with Modbus protocol.

scholarly journals Position Paper: On Using Trusted Execution Environment to Secure COTS Devices for Accessing Industrial Control Systems

2021 ◽  
Author(s):  
Quanqi Ye ◽  
Heng Chuan Tan ◽  
Daisuke Mashima ◽  
Binbin Chen ◽  
Zbigniew Kalbarczyk
Keyword(s):  
Control Systems ◽  
Position Paper ◽  
Future Research ◽  
Industrial Control ◽  
Industrial Control Systems ◽  
It Systems ◽  
System Maintenance ◽  
Execution Environment ◽  
Commercial Off The Shelf ◽  
Trusted Execution Environment

Industrial Control Systems (ICS) are traditionally designed to operate in an "air-gapped" environment. With the advent of digital technologies, many ICS are adopting IT solutions to improve interoperability and operational efficiency. Thus, the air-gap assumption no longer holds in practice. Most ICS devices today are modernized with networking capabilities to facilitate system maintenance, upgrades, and troubleshooting. Since these devices are connected to the Internet, ICS networks face the same security threats as regular IT systems. In addition, ICS operators can connect commercial off-the-shelf (COTS) equipment to ICS networks to perform operational tasks. Those COTS devices are usually personal computers or even mobile devices, which can be infected with malware and become weapons against ICS. In this position paper, we examine the design challenges of establishing trust between COTS equipment and ICS. We also present some commonly used security solutions and discuss their deployment challenges due to issues caused by legacy systems. Finally, we introduce the Trusted Execution Environment (TEE), a technology commonly available on modern COTS devices, as a trust anchor for establishing secure communications with the ICS infrastructure. We discuss some research gaps related to the use of TEE and propose some recommendations to guide future research.

Sign in / Sign up

Export Citation Format

Share Document