Control Systems Cyber Security:Defense in Depth Strategies

Kuipers, David P.; Fabro, Mark

doi:10.2172/911553

Cited by 59 publications

(41 citation statements)

References 0 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…The case study uses a typical threezone ICS architecture extracted from Kuipers and Fabro (2006); Stouffer et al (2011). As given in Figure 3 Figure 3(c), derived from BSI (2014) and Kuipers and Fabro (2006).…”

Section: Case Studymentioning

confidence: 99%

“…To mitigate the increasing cyber threats targeting ICS, many government advisory reports and industrial standards propose Defense-in-Depth as the best practice to defend ICS (Stouffer et al 2011;Kuipers and Fabro 2006). Defense-in-depth aims to protect a system by establishing a multi-layer defense by combining various defensive controls, such as advanced firewalls with DMZ, security awareness training programs, a vulnerability management system, intrusion detection with effective access policies, and incident response mechanisms.…”

Section: Introductionmentioning

confidence: 99%

“…attacker methods, defense controls, network architecture) and the development of the agent-based simulation. A case study extracted from CSSP Recommended Defense-In-Depth Architecture (Kuipers and Fabro 2006) is designed in Section 4 to demonstrate the effectiveness of our proposed tools in finding optimal defense deployment. Five different scenarios are provided to capture attackers and defenders with different profiles.…”

Section: Introductionmentioning

confidence: 99%

See 2 more Smart Citations

Defense-in-depth vs. Critical Component Defense for Industrial Control Systems

Fielder

Hankin

2016

Electronic Workshops in Computing

View full text Add to dashboard Cite

Originally designed as self-contained and isolated networks, Industrial Control Systems (ICS) have evolved to become increasingly interconnected with IT systems and other wider networks and services, which enables cyber attacks to sabotage the normal operation of ICS. This paper proposes a simulation of attackers and defenders, who have limited resources that must be applied to either advancing the technology they have available to them or attempting to attack (defend) the system. The objective is to identify the appropriate deployment of specific defensive strategy, such as Defense-in-depth and Critical Component Defense. The problem is represented as a strategic competitive optimisation problem, which is solved using a coevolutionary Particle Swarm Optimisation problem. Through the development of optimal defense strategies, it is possible to identify when each specific defensive strategies is most appropriate; where the optimal defensive strategy depends on the kind of attacker the system is expecting and the structure of the network.

show abstract

Section: Case Studymentioning

confidence: 99%

Section: Introductionmentioning

confidence: 99%

Section: Introductionmentioning

confidence: 99%

See 1 more Smart Citation

Defense-in-depth vs. Critical Component Defense for Industrial Control Systems

Fielder

Hankin

2016

Electronic Workshops in Computing

View full text Add to dashboard Cite

show abstract

“…Due to their different construction goals, industrial control systems and traditional IT systems still have considerable differences in terms of technology, management and service [6]. Some typical differences are shown in the Table 1.…”

Section: Difference Between Traditional It System and Icsmentioning

confidence: 99%

Kill Chain for Industrial Control System

Zhou

Wang

et al. 2018

MATEC Web Conf.

View full text Add to dashboard Cite

Abstract. Attacks in industrial control systems vary widely and are influenced by many factors, including the intent of the attacker, the capabilities of the attacker, the sophistication of the attacking techniques, and his familiarity with the industrial control systems and industrial processes. Attacks against industrial control systems are not a simple network intrusion, but are accomplished through a series of activities to achieve precise attack. This article expands the cyber kill chain model to improve it so that it can be applied to industrial control systems to ensure that defenders in industrial control can understand the attackers' attack activities so as to reasonably allocate limited security resources, take effective security measures and make well-informed risk management decision.

show abstract

“…This probable defeat can trigger a chain reaction that will include but not limited to the obliteration of financial systems, loss of trust from investors and onward economic misfortunes such as recession, stagnation and strangulation of economic policies, national technology system failures and crashes, data leaks, and loss of profits. However, enforcing a national readiness strategy through defence-in-depth may likely serve as a panacea for controlled access and isolation of the impact zone in the event of a zero-day [31], [32]. This helps to ensure that the failure of a single control does not result to total system compromise.…”

Section: Cyber-warfare and National Readinessmentioning

confidence: 99%

Zero day exploits and national readiness for cyber-warfare

Ibor¹

2018

Nig. J. Tech.

View full text Add to dashboard Cite

A zero day vulnerability is an unknown exploit that divulges security flaws in software before such a flaw is publicly reported or announced. But how should a nation react to a zero day? This question is a concern for most national governments, and one that requires a systematic approach for its resolution. The securities of critical infrastructure of nations and states have been severally violated by cybercriminals. Nation-state espionage and the possible disruption and circumvention of the security of critical networks has been on the increase. Most of these violations are possible through detectable operational bypasses, which are rather ignored by security administrators. One common instance of a detectable operational bypass is the non-application of periodic security updates and upgrades from software and hardware vendors. Every software is not necessarily in its final state, and the application of periodic updates allow for the patching of vulnerable systems, making them to be secure enough to withstand an exploit. To have control over the security of critical national assets, a nation must be "cyber-ready" through the proper management of vulnerabilities and the deployment of the rightful technology in the cyberspace for hunting, detecting and preventing cyber-attacks and espionage. To this effect, this paper discusses the implications of zero day exploits and highlights the dangers posed by this cankerworm for an unprepared nation. The paper also adopts the defence-in-depth strategy for national readiness and a foolproof system that enforces the security of critical national infrastructure at all levels.

show abstract

Control Systems Cyber Security:Defense in Depth Strategies

Cited by 59 publications

References 0 publications

Defense-in-depth vs. Critical Component Defense for Industrial Control Systems

Defense-in-depth vs. Critical Component Defense for Industrial Control Systems

Kill Chain for Industrial Control System

Zero day exploits and national readiness for cyber-warfare

Contact Info

Product

Resources

About