Applying F(I)MEA-technique for SCADA-Based Industrial Control Systems Dependability Assessment and Ensuring

Babeshko, Eugene; Kharchenko, Vyacheslav; Gorbenko, Anatoliy

doi:10.1109/depcos-relcomex.2008.23

Cited by 28 publications

(13 citation statements)

References 4 publications

Supporting

Mentioning

Contrasting

Unclassified

Order By: Relevance

“…A third paper uses Failure Mode Effects Analysis (FMEA) to extend the concept to include intrusion detection or F(I)MEA. A tabular example is provided and this is an excellent method to identify system elements that could cause system failures due to intrusions [7]. The fourth and fifth papers provided three attacks to consider in SCADA system Intrusion Detection.…”

Section: Ids Technologies and Related Workmentioning

confidence: 99%

A transfer function based intrusion detection system for SCADA systems

Papa

Casper

Nair

2012

2012 IEEE Conference on Technologies for Homeland Security (HST)

View full text Add to dashboard Cite

Most SCADA and industrial control systems have a limited and deterministic set of behaviors that results with a relatively small amount of variability during normal system operation. Automatic controller commands, operator commands and sensor measurement data within the system may be modified by an attacker to cause system failures. To detect these intrusions a Transfer Function based Intrusion Detection System (TFIDS) is proposed in this paper. Normal operational behaviors can be modeled and integrated into the TFIDS with alarm filtering and reporting rules. Trust anchors within the system are required to collect some of the signals, ensure the signal integrity when delivered to the TFIDS, and to host the TFIDS if physical attacks are a concern. This paper provides an overview of the TFIDS and simulation results for attacks on a waste water treatment system with and without the TFIDS.

show abstract

Section: Ids Technologies and Related Workmentioning

confidence: 99%

A transfer function based intrusion detection system for SCADA systems

Papa

Casper

Nair

2012

2012 IEEE Conference on Technologies for Homeland Security (HST)

View full text Add to dashboard Cite

show abstract

“…unrealized countermeasures) the Intrusion Modes, Effects and Criticality Analysis IMECA should be executed. IMECA is a modification of FMEA (Failure Modes and Effects Analysis) which takes into account possible intrusions to the system [12]. Since any vulnerability can become a failure if an intrusion occurs, the IMECA should be used.…”

Section: Description Of the Cybersecurity Assurance Case-oriented Tecmentioning

confidence: 99%

Gap-Analysis of Assurance Case-Based Cybersecurity Assessment: Technique and Case Study

Illiashenko¹,

Kharchenko²,

Kor³

2018

A.I.S.

Self Cite

View full text Add to dashboard Cite

The subject matter of the article is the processes of cybersecurity assessment. The goal is to develop technique for gapanalysis of cybersecurity analysis process. The task to be solved is to develop a method for analyzing gaps in the process of assessment of non-functional requirements for safety and cybersecurity of ICS. It is based on the classification of requirements, taking into account the possibility of their decomposition, which includes the construction of an advanced security assurance and determination of countermeasures to address detected gaps. Conclusions. The scientific novelty of the results obtained is as follows: the method for ensuring the information security of digital components of the I&Cs was further developed by analyzing the discrepancies of requirements using vulnerability description procedures and assessing the severity of the intrusions consequences, as well as determining the set of countermeasures by the "security-cost" criterion, which makes it possible to reduce risks to an acceptable level.

show abstract

“…• functional safety, when failure criticality is assessed using probability p f and consequences u f (FME(C)A-or SFME(C)A-tables); • information security, when interactions v f are taking into account (in this case we get F(I)MEA-table [16]); • survivability, when it is necessary to take into account physical actions v pf , information actions v if and system degradation level (it could be described by parameter u f or its specific part u f (v)). Parameter u f (v) is oriented to assessment of system operation quality decrease, description could be done using degradation diagrams, so-called QD-diagrams [22].…”

Section: Assessed Attributes and Used Meansmentioning

confidence: 99%

“…It is confirmed in the recent publications that method is appropriate for security assessment using F(I)MEA (Failure(Intrusion) Modes and Effects Analysis)-technique, failure effects analysis from the recovery time view etc. [15][16]. Other example is that FME(C)A-approach jointly with FTA was extended for reliability analysis at the software architecture design level [17].…”

Section: Introduction and Problem Statementmentioning

confidence: 97%

Extended Dependability Analysis of Information and Control Systems by FME(C)A-technique: Models, Procedures, Application

Komari

Kharchenko

Babeshko

et al. 2009

2009 Fourth International Conference on Dependability of Computer Systems

Self Cite

View full text Add to dashboard Cite

This paper addresses the problems associated with dependability analysis of complex information and control systems (I&CS). FME(C)A-technique is proposed as a unified approach to I&CS dependability assessment. Classic philosophy is extended by introducing new items into assessed objects, relevant causes, assessed effects, assessed attributes and used means. FME(С)А-tables and models for dependability (reliability, survivability and safety) attributes assessment are constructed. Elements of information technology of I&CS analysis are presented.

show abstract

Applying F(I)MEA-technique for SCADA-Based Industrial Control Systems Dependability Assessment and Ensuring

Cited by 28 publications

References 4 publications

A transfer function based intrusion detection system for SCADA systems

A transfer function based intrusion detection system for SCADA systems

Gap-Analysis of Assurance Case-Based Cybersecurity Assessment: Technique and Case Study

Extended Dependability Analysis of Information and Control Systems by FME(C)A-technique: Models, Procedures, Application

Contact Info

Product

Resources

About