Everything Is Awesome! or Is It? Cyber Security Risks in Critical Infrastructure

Rashid, Awais; Gardiner, Joseph; Green, Ben; Craggs, Barnaby

doi:10.1007/978-3-030-37670-3_1

Cited by 11 publications

(10 citation statements)

References 7 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Generally, much fewer works exist directly discussing these challenges in the context of CI systems. In the field of security, recent cyberattacks on CI have been analyzed in some studies [13], [14] or general security threats were discussed [20], [21].…”

Section: Related Workmentioning

confidence: 99%

See 1 more Smart Citation

Factors Impacting Resilience of Internet of Things Systems in Critical Infrastructure

Bureš¹,

Blažek²,

Néma³

et al. 2022

Preprint

View full text Add to dashboard Cite

Internet of Things (IoT) systems are recently being employed in various types of critical infrastructure, including integrated rescue systems, healthcare, defence, energy and other fields. Recently, the security and safety of IoT systems, in general, has been questioned by a number of studies. Raised concerns do not relate to the IoT technology in principle but to poor engineering practices that are mostly preventable. In critical infrastructure, demand for safety and security is strongly present and justifies a discussion about the general resilience of IoT systems. In this context, resilience includes system resistance to cyberattacks and its stability to operating conditions and system reliability and safety in terms of present flaws. In this paper, we discuss relevant factors impacting the resilience of IoT systems in the critical infrastructure and suggest possible countermeasures and actions mitigate the potential effects of these factors. Contrary to the previous work, an unique critical system Model-based Testing viewpoint is taken in this analysis.

show abstract

Section: Related Workmentioning

confidence: 99%

“…If the infrastructure is not properly updated, zero-day security flaws or known security vulnerabilities add on a potential attack surface that an attacker might exploit. Technological heterogeneity, if present in the system, might contribute to the problem as another factor [20].…”

Section: A Principal Areasmentioning

confidence: 99%

Factors Impacting Resilience of Internet of Things Systems in Critical Infrastructure

Bureš¹,

Blažek²,

Néma³

et al. 2022

Preprint

View full text Add to dashboard Cite

show abstract

“…Furthermore, Rashid. et al [10] analyzed the most effective attacks against ICS and resulted in four types of perception errors, which play a major role in the success of these attacks: system qualities, system boundaries, observability, and controllability.…”

Section: ) General Attacks Classificationsmentioning

confidence: 99%

Analysis of Security Challenges in Cloud-Based SCADA Systems: A Survey

Wali¹

2022

Preprint

View full text Add to dashboard Cite

<p>Supervisory control and data acquisition (SCADA) systems allow industrial organizations to control and monitor real-time data and industrial processes. Moving SCADA systems to the cloud environments can improve the performance of traditional SCADA systems by enhancing features such as storage capacity, reliability and availability, security measures, as well as reducing technical and industrial costs. However, cloud cyberattacks are rapidly increasing, posing a major challenge to such type of systems. In addition, these cyberattacks still remains scattered across many research, and much of published research on cloud-based SCADA systems has been focused on narrow sets of attacks. Thus, this research provides a survey and an analysis of the most common cybersecurity attacks and challenges that cloud-based SCADA systems might experience. It also conducts a security risk assessment of the analyzed attacks. Finally, it proposes the existing suitable detection and prevention techniques to mitigate the impact of cyberattacks on such critical control systems.</p>

show abstract

“…A casual search on Shodan reveals hundreds of ICS devices visible to the public internet. Additionally, the advent of Industry 4.0 has introduced internet-of-things (IoT) and cloud components into industrial systems, providing new methods of entry to attackers [6,15].…”

Section: Background and Related Work 21 Backgroundmentioning

confidence: 99%

Catch Me If You Can

Thomas

Gardiner

Chothia

et al. 2020

Proceedings of the 2020 Joint Workshop on CPS&IoT Security and Privacy

Self Cite

View full text Add to dashboard Cite

Industrial Control Systems (ICS) are central to the operation of critical national infrastructure (CNI) such as oil and gas, water treatment, power generation and transport systems. Effective risk management to mitigate large-scale disruption to societies and economies depends on both timely information about vulnerabilities and the consistency of this information. The longer the vulnerabilities remain "in the wild" or a lack of consistency in vulnerability reporting, the greater the impact on CNI operators' ability to systematically understand and mitigate the risks. In this paper, we focus on vulnerabilities identified and reported in Siemens ICS devices, which hold the largest share of the market. We undertake an in-depth analysis of 207 CVEs, identifying the time over which vulnerabilities were 'in the wild' before being discovered and advisories issued, and examine issues with the correctness of CVE information. We find that, on average, a vulnerability is 'in the wild' for 5.3 years, and that many CVEs do not correctly reflect and state the affected devices as Common Platform Enumerations (CPEs). Based on our findings, we propose a set of guidelines to improve the reporting and consistency of ICS CVE information. CCS CONCEPTS • Computer systems organization → Embedded and cyberphysical systems; Maintainability and maintenance; • Security and privacy → Embedded systems security.

show abstract

Everything Is Awesome! or Is It? Cyber Security Risks in Critical Infrastructure

Cited by 11 publications

References 7 publications

Factors Impacting Resilience of Internet of Things Systems in Critical Infrastructure

Factors Impacting Resilience of Internet of Things Systems in Critical Infrastructure

Analysis of Security Challenges in Cloud-Based SCADA Systems: A Survey

Catch Me If You Can

Contact Info

Product

Resources

About