The Cybersecurity Landscape in Industrial Control Systems

McLaughlin, S.W.; Konstantinou, Charalambos; Wang, Xueyang; Davi, Lucas; Sadeghi, Ahmad‐Reza; Maniatakos, Michail; Karri, Ramesh

doi:10.1109/jproc.2015.2512235

Cited by 277 publications

(132 citation statements)

References 69 publications

Supporting

Mentioning

132

Contrasting

Order By: Relevance

“…The work reports as well discussions from control and security practitioners. McLaughlin et al analyze in [44] different testbeds and conclude that it is necessary to use pathways between cyber and physical components of the system in order to detect attacks. Also, Koutsandria et al [45] implement a testbed where the data are crosschecked, using cyber and physical elements.…”

Section: Implementation Of Experimental Testbedsmentioning

confidence: 99%

On the use of watermark-based schemes to detect cyber-physical attacks

Rubio‐Hernan

Cicco

García-Alfaro

2017

EURASIP J. on Info. Security

View full text Add to dashboard Cite

We address security issues in cyber-physical systems (CPSs). We focus on the detection of attacks against cyber-physical systems. Attacks against these systems shall be handled both in terms of safety and security. Networked-control technologies imposed by industrial standards already cover the safety dimension. However, from a security standpoint, using only cyber information to analyze the security of a cyber-physical system is not enough, since the physical malicious actions that can threaten the correct behavior of the systems are ignored. For this reason, the systems have to be protected from threats to their cyber and physical layers. Some authors have handled replay and integrity attacks using, for example, physical attestation to validate the cyber process and to detect the attacks, or watermark-based detectors which uses also physical parameters to ensure the cyber layers. We reexamine the effectiveness of a stationary watermark-based detector. We show that this approach only detects adversaries that do not attempt to get any knowledge about the system dynamics. We analyze the detection ratio of the original design under the presence of new adversaries that are able to infer the system dynamics and are able to evade the detector with high frequency. We propose a new detection scheme which employs several non-stationary watermarks. We validate the detection efficiency of the new strategy via numeric simulations and via running experiments on a laboratory testbed. Results show that the proposed strategy is able to detect adversaries using non-parametric methods, but it is not equally effective against adversaries using parametric identification methods.

show abstract

Section: Implementation Of Experimental Testbedsmentioning

confidence: 99%

On the use of watermark-based schemes to detect cyber-physical attacks

Rubio‐Hernan

Cicco

García-Alfaro

2017

EURASIP J. on Info. Security

View full text Add to dashboard Cite

show abstract

“…Measurements for information security risks are defined appropriately. The security assessment process of ICS may consist of document analysis, mission and asset prioritization, vulnerability extrapolation, assessment environment, testing and impact, vulnerability remediation, validation testing, and monitoring [10]. Treatments to deal with safety and security risks will be integrated to satisfy both sides.…”

Section: Risk Assessment Process For Industrial Control Systemsmentioning

confidence: 99%

A Logical Risk Assessment Schema for Industrial Control Systems

Wang¹,

Ye²

2017

Proceedings of the 2016 International Forum on Mechanical, Control and Automation (IFMCA 2016)

View full text Add to dashboard Cite

Abstract. Information and cyber security has gained considerable importance as safety of the Industrial Control Systems (ICS). Both safety and security deal with risks. Risk assessment is an essential component of safety and security assurance infrastructure mechanisms. Considering the negative or uncertain influence on running ICS, the abstracted ICS model and simulation of ICS is introduced into safety-security risk assessment to form the logical risk assessment schema. Then a risk assessment process framework considering both safety and security is presented. The proposed framework consists of context establishment, overall safety-security risk assessment process, and verification. In the safety-security risk assessment process, conflicts of the risk treatments are addressed to form conflict-free safety-security risk treatment set. The proposed logical schema and risk assessment framework can be used to guide the safety-security risk assessment process of the industrial control systems and support the utilities and organizations in their safety-security efforts.

show abstract

“…Supervisory Control and Data Acquisition (SCADA) systems for CIs are frequently deemed vulnerable due to a mix of mindset preconceptions, design faults, and insecure technologies [2]. Moreover, Industrial Automation and Control Systems (IACS) security requires a domain-specific security approach that cannot be effectively achieved through the straightforward adoption of Information and Communications Technology (ICT) security mechanisms, tools and techniques [3].…”

Section: Introductionmentioning

confidence: 99%

Integrated protection of industrial control systems from cyber-attacks: the ATENA approach

Adamsky

Aubigny

Battisti

et al. 2018

International Journal of Critical Infrastructure Protection

View full text Add to dashboard Cite

Industrial and Automation Control systems traditionally achieved security thanks to the use of proprietary protocols and isolation from the telecommunication networks. Nowadays, the advent of the Industrial Internet of Things poses new security challenges. In this paper, we first highlight the main security challenges that advocate for new risk assessment and security strategies.To this end we propose a security framework and advanced tools to properly manage vulnerabilities, and to timely react to the threats. The proposed architecture fills the gap between computer science and control theoretic approaches. The physical layers connected to Industrial Control Systems are prone to disrupt when facing cyber-attacks. Considering the modules of the proposed architecture, we focus on the development of a practical framework to compare information about physical faults and cyber-attacks. This strat-egy is implemented in the ATENA architecture which has been designed as an innovative solution for the protection of critical assets.

show abstract

The Cybersecurity Landscape in Industrial Control Systems

Cited by 277 publications

References 69 publications

On the use of watermark-based schemes to detect cyber-physical attacks

On the use of watermark-based schemes to detect cyber-physical attacks

A Logical Risk Assessment Schema for Industrial Control Systems

Integrated protection of industrial control systems from cyber-attacks: the ATENA approach

Contact Info

Product

Resources

About