Ichiro Koshijima scite author profile

Abstract:Purpose: In order to leverage automation control data, Industry 4.0 manufacturing systems require industrial devices to be connected to the network. Potentially, this can increase the risk of cyberattacks, which can compromise connected industrial devices to acquire production data or gain control over the production process. Search engines such as Sentient Hyper-Optimized Data Access Network (SHODAN) can be perverted by attackers to acquire network information that can be later used for intrusion. To prevent this, cybersecurity standards propose network architectures divided into several networks segments based on system functionalities. In this architecture, Firewalls limit the exposure of industrial control devices in order to minimize security risks. This paper presents a novel Software Defined Networking (SDN) Firewall that automatically applies this standard architecture without compromising network flexibility.Design/methodology/approach: The proposed SDN Firewall changes filtering rules in order to implement the different network segments according to application level access control policies. The Firewall applies two filtering techniques described in this paper: temporal filtering and spatial filtering, so that only applications in a white list can connect to industrial control devices. Network administrators need only to configure this application-oriented white lists to comply with security standards for ICS. This simplifies to a great extent network management tasks. Authors have developed a prototype implementation based on the OPC UA Standard and conducted security tests in order to test the viability of the proposal.Findings: Network segmentation and segregation are effective counter-measures against network scanning attacks. The proposed SDN Firewall effectively configures a flat network into virtual LAN segments according to security standard guidelines. Research limitations/implications:The prototype implementation still needs to implement several features to exploit the full potential of the proposal. Next steps for development are discussed in a separate section. Practical implications:The proposed SDN Firewall has similar security features to commercially available application Firewalls, but SDN Firewalls offer additional security features. First, SDN technology provides improved performance, since SDN low-level processing functions are much more efficient. Second, with SDN, security functions are rooted in the network instead of being centralized in particular -318-Journal of Industrial Engineering and Management -https://doi.org/10.3926/jiem.2534 network elements. Finally, SDN provides a more flexible and dynamic, zero configuration framework for secure manufacturing systems by automating the rollout of security standard-based network architectures.Social implications: SDN Firewalls can facilitate the deployment of secure Industry 4.0 manufacturing systems, since they provide ICS networks with many of the needed security capabilities without compromising flexibility.Originality/va...

show abstract

ICS Honeypot System (CamouflageNet) Based on Attacker's Human Factors

Naruoka

Matsuta

Machii

et al. 2015

Procedia Manufacturing

View full text Add to dashboard Cite

In order to protect ICS (Industrial Control System), there are many discussions about ICS security from the viewpoint of cyber defenders. ICS, however, has its specific difficulties to install IT security means such as antivirus with firewall software, because of its 24 hour-a-day, 365 days-a-year non-stop operation under the safety first culture. Comparing IT system, ICS has a certain advantage related to handling against cyber-attacks with operation staffs and safety devices installed in a plant. It is indispensable to fully utilize this advantage, ant at the same time, it is necessary to create leeway in terms of mental and time state to start staff's situated actions based on the safety training. In order to prepare maximum leeway and to prevent effective and concentrated cyber-attacks, human factors of attackers should be analyzed based on their attack scenarios each having three stages; "

show abstract

Safety securing approach against cyber-attacks for process control system

Hashimoto

Toyoshima

Yogo

et al. 2013

Computers & Chemical Engineering

View full text Add to dashboard Cite

Gas pipeline leak detection system using the online simulation method

Fukushima

Maeshima²,

Kinoshita³

et al. 2000

Computers & Chemical Engineering

View full text Add to dashboard Cite

Intrusion Detection Method for Industrial Control Systems Using Singular Spectrum Analysis

Terai

Chiba

Shintani

et al. 2018

View full text Add to dashboard Cite

Because of their automated processing capabilities, industrial control systems (ICSs) currently play a crucial role in plant operations. It was not long before ICS had been completely insulated from the Internet. However, because of the improved reliability of ICS devices and systems, we could find only a few plants that did not use ICS in conjunction with the Internet. As a result, the extended accessibility of almost every ICS component makes such systems vulnerable to cyber-attacks. Because of this, intrusion detection systems, which monitor ICS network traffic and detect suspicious activities within the components themselves, are extremely important. Previous studies argued that packet intervals could ideally be regarded as indicators of the hazardous status of ICSs against hacking activities, and proposed intrusion detection methodologies relying solely on packet intervals. However, these methodologies with supervised machine-learning have inevitably been compromised by cyber-attacks whose characteristics are different than those of the training dataset. We hypothesize that packet intervals in an ICS network used for automated industrial processes, which are forced to produce a certain type of periodicity, reflect a particular type of packet interval patterns. In other words, certain anomalous behaviors never fail to interfere with this pattern. This paper proposes an intrusion detection method using a singular spectrum analysis to monitor time series packets. We evaluated our proposed method on our cybersecurity testbed using penetration tests. The results verified the validity of our system realized in the packet interval periodicity. Furthermore, we examined the optimum parameter set for the singular spectrum analysis in the proposed method. From this experiment, we successfully designated criteria for the parameter-set based on the period of the packet intervals during normal operations. The proposed method successfully detected all three types of attacks within 4 sec, without producing a false alert during normal operations.

show abstract

Industrial Control System Monitoring Based on Communication Profile

Masafumi

Koike

Machii

et al. 2015

J. Chem. Eng. Japan / JCEJ

View full text Add to dashboard Cite

Industrial control systems (ICS) have hidden vulnerabilities that cannot be usually solved by IT security tools, because of their 24 h 365 d non-stop, non-update and non-patch operation. There is, however, very limited report of cyber-attacks, so that owners of critical infrastructures do not have much attention for their ICS protection. This is a kind of misunderstanding of the current situation caused by a lacking of capability to detect a cyber-intrusion. In order to apply an Intrusion Detection System (IDS), it is di cult to make the complete white list of communication packets, and it is also di cult to perform anomaly detection by checking the payload of packet one by one. This paper de nes characteristics of communication in the ICS network and proposes a methodology to visualize the ICS network behavior. An illustrative example of pseudo cyber-attack is also prepared for understanding our proposed method.

show abstract

An approach to potential risk analysis of networked chemical plants

Shindo

Yamazaki

Toki³

et al. 2000

Computers & Chemical Engineering

View full text Add to dashboard Cite

scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.

Contact Info

hi@scite.ai

10624 S. Eastern Ave., Ste. A-614

Henderson, NV 89052, USA

Blog Terms and Conditions API Terms Privacy Policy Contact Cookie Preferences Do Not Sell or Share My Personal Information

Made with 💙 for researchers

Part of the Research Solutions Family.