A model for security management of SCADA systems

“…Our proposal can also be viewed as complementary to existing approaches and can be implemented together with other techniques that also address the resilience of industrial systems [3,4,18], but do not target more sophisticated attacks. Finally, we also mention that the proposed segmentation methodology can be combined with techniques that ensure the security of industrial systems [1,12], leading to installations that are both secure and resilient against cyber threats. The study reported in this paper is a first step in our work towards the development of a method that maximizes the resilience of physical processes with network segmentation.…”

“…Such approaches rely on PLCs running legitimate control code with incorporated countermeasures, that could be rewritten by malware. The proposed segmentation methodology could also be combined with techniques that ensure the security of industrial systems [1,12], leading to a system that is both secure and resilient against cyber threats.…”

An Experimental Study on the Impact of Network Segmentation to the Resilience of Physical Processes

“…Our proposal can also be viewed as complementary to existing approaches and can be implemented together with other techniques that also address the resilience of industrial systems [3,4,18], but do not target more sophisticated attacks. Finally, we also mention that the proposed segmentation methodology can be combined with techniques that ensure the security of industrial systems [1,12], leading to installations that are both secure and resilient against cyber threats. The study reported in this paper is a first step in our work towards the development of a method that maximizes the resilience of physical processes with network segmentation.…”

“…Such approaches rely on PLCs running legitimate control code with incorporated countermeasures, that could be rewritten by malware. The proposed segmentation methodology could also be combined with techniques that ensure the security of industrial systems [1,12], leading to a system that is both secure and resilient against cyber threats.…”

An Experimental Study on the Impact of Network Segmentation to the Resilience of Physical Processes

“…[7] presented a framework for assessing security risks in cyberphysical systems, which is designed to benchmark security risks when inter-dependencies of physical and logical components may result in correlated failures. dos Anjos et al [8] leveraged a tool called Ponder to create a policy-based ICS security management 235 model enabling formal policy specification, rule validation, policy distribution and application, as well as conformity check with current standards on information security of critical systems. Hieb et al [9] proposed an ontology framework that allows formal representation of process control systems, together with a fault 240 diagnosis algorithm capable of identifying process faults induced by a cyber intrusion.…”

A framework for Seveso-compliant cyber-physical security testing in sensitive industrial plants

Physical process resilience-aware network design for SCADA systems