Design and implementation of a security framework for industrial control systems

Harshe, Omkar A.; Chiluvuri, N. Teja; Patterson, Cameron; Baumann, William T.

doi:10.1109/iic.2015.7150724

Cited by 4 publications

(2 citation statements)

References 10 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Sawada et al [12] and Harshe et al [3] have proposed cyber-physical system security solutions that use local (backup) controllers, which kick in when remote (central) controllers are compromised or are unavailable. The central controllers usually optimize the networked control system to yield high performance while the local controller guarantees the minimum performance requirements of the logical subsystem.…”

Section: Related Workmentioning

confidence: 99%

Detecting Data Manipulation Attacks on the Substation Interlocking Function Using Direct Power Feedback

Tebekaemi

Colbert

Wijesekera

2017

Critical Infrastructure Protection XI

View full text Add to dashboard Cite

Any form of deliberate physical or cyber activity that attempts to undermine the control mechanisms that maintain the key goals of reliability, efficiency and safety of a physical system can be considered to be an attack on the system. Indeed, an attack can be as subtle as a configuration change that prevents the optimal operation of a power system.This chapter describes an approach that enhances the security of the interlocking function in a power distribution substation by using the power flow behavior of the physical system during switching events as direct power feedback. The approach detects potential over-thenetwork data modification attacks on the interlocking function using out-of-bounds sensor measurements. The direct power feedback adds an extra layer of security and redundancy to existing power substation interlocking function protection mechanisms.

show abstract

Section: Related Workmentioning

confidence: 99%

Detecting Data Manipulation Attacks on the Substation Interlocking Function Using Direct Power Feedback

Tebekaemi

Colbert

Wijesekera

2017

Critical Infrastructure Protection XI

View full text Add to dashboard Cite

show abstract

“…The trigger mechanism is responsible for the switch-over from the production controller to the backup controller in the presence of any malicious activity [38]. The plant's sensor values are stored, a process state model is maintained and used to predict the plant's future behavior.…”

Section: Detection and Mitigation Of Attacksmentioning

confidence: 99%

A hands-on modular laboratory environment to foster learning in control system security

Deshmukh

Patterson

Baumann

2016

2016 IEEE Frontiers in Education Conference (FIE)

Self Cite

View full text Add to dashboard Cite

Cyber-Physical Systems (CPSes) form the core of Industrial Control Systems (ICSes) and critical infrastructure. These systems use computers to control and monitor physical processes in many critical industries including aviation, industrial automation, transportation, communications, waste treatment, and power systems. Increasingly, these systems are connected with corporate networks and the Internet, making them susceptible to risks similar to traditional computing systems experiencing cyber-attacks on a conventional Information Technology (IT) network. Furthermore, recent attacks like the Stuxnet worm have demonstrated the weaknesses of CPS security, which has prompted increased effort to develop more effective security mechanisms. While this remains an important topic of research, often CPS security is not given much attention in undergraduate programs. There can be a significant disconnect between control system engineers with CPS engineering skills and network engineers with an IT background.This thesis describes hands-on courseware to help students bridge this gap. This courseware incorporates cyber-physical security concepts into effective learning modules that highlight real-world technical issues. A modular learning approach helps students understand CPS architectures and their vulnerabilities to cyber-attacks via experiential learning, and acquire practical skills through actively participating in the hands-on exercises. The ultimate goal of these lab modules is to show how an adversary would break into a conventional CPS system by exploiting various network protocols and security measures implemented in the system. A mock testbed environment is created using commercial-off-the-shelf hardware to address the unique aspects of a CPS, and serve as a cybersecurity trainer for students from control system or IT backgrounds. The modular nature of this courseware, which uses an economical and easily replicable hardware testbed, make this experience uniquely available as an adjunct to conventional embedded system, control system design, or cybersecurity courses. To assess the impact of this courseware, an evaluation survey is developed to measure the understanding of the unique aspects of CPS security addressed. These modules leverage the existing academic subjects, help students understand the sequence of steps taken by adversaries, and serve to bridge theory and practice. A Hands-on Modular Laboratory Environment to Foster Learning inControl System Security Pallavi Prafulla Deshmukh GENERAL AUDIENCE ABSTRACT Cyber-Physical Systems (CPSes) use computers to control and monitor physical processes in domains such as aviation, industrial automation, transportation, communication, water distribution, waste treatment, and power systems. These systems are increasingly connected with both private and public networks, making them susceptible to disruption or destruction by adversaries anywhere in the world. Stuxnet worm was a prime example of a sophisticated attack that managed to infiltrate and damage centrif...

show abstract

An Active Defence Architecture for Industrial Control System based on Trusted Computing 3.0

Yang

Hongzhu

Liu

et al. 2020

2020 Chinese Automation Congress (CAC)

View full text Add to dashboard Cite

Design and implementation of a security framework for industrial control systems

Cited by 4 publications

References 10 publications

Detecting Data Manipulation Attacks on the Substation Interlocking Function Using Direct Power Feedback

Detecting Data Manipulation Attacks on the Substation Interlocking Function Using Direct Power Feedback

A hands-on modular laboratory environment to foster learning in control system security

An Active Defence Architecture for Industrial Control System based on Trusted Computing 3.0

Contact Info

Product

Resources

About