Extracting Vulnerabilities in Industrial Control Systems using a Knowledge-Based System

Lemaire, Laurens; Vossaert, Jan; Jansen, Joachim; Naessens, Vincent

doi:10.14236/ewic/ics2015.1

Cited by 13 publications

(10 citation statements)

References 8 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Our approach extends FAST-CPS (Lemaire et al 2014(Lemaire et al , 2015, which focuses on analyzing the security impact of known vulnerabilities on the security of 2 cyber-physical systems. It enables the user to model the system architecture in SysML, a modelling language derived from UML used for model-based systems engineering (Friedenthal et al 2014) and translates it to a logic-based model.…”

Section: Approachmentioning

confidence: 99%

“…The attack trees are generated based on a model of the ICS, which must be provided by the assessor. This paper does not focus on the modelling of the CPS itself but uses an existing modelling framework, namely FAST-CPS (Lemaire et al 2015). This framework was selected because it allows the assessor to model the system using a graphical formalism based on SysML and automatically links known vulnerabilities extracted from vulnerability databases on the Internet (e.g.…”

Section: System Modelmentioning

confidence: 99%

See 1 more Smart Citation

CPS Security Assessment using Automatically Generated Attack Trees

Depamelaere

Lemaire

Vossaert

et al. 2018

Electronic Workshops in Computing

Self Cite

View full text Add to dashboard Cite

Over the last decades, cyber-physical systems have evolved from isolated to complex interconnected systems that are remotely accessible. This made them easier to attack, especially since they often contain legacy components with known vulnerabilities. This paper presents a methodology to assess the security of a cyber-physical system. It automatically generates attack trees based on the system architecture. The generated attack trees are processed to provide both technical and non-technical feedback. The assessor can define different attacker models to asses the security of the system with respect to different types of attackers. The methodology is validated by providing tool support and applying it to an example ICS.

show abstract

Section: Approachmentioning

confidence: 99%

Section: System Modelmentioning

confidence: 99%

CPS Security Assessment using Automatically Generated Attack Trees

Depamelaere

Lemaire

Vossaert

et al. 2018

Electronic Workshops in Computing

Self Cite

View full text Add to dashboard Cite

show abstract

“…This list is added to our logic theory in order to identify these vulnerabilities if the associated components are used in the control system. More details about how this is done can be found at [12] [13].…”

Section: Simulationsmentioning

confidence: 99%

“…It is able to identify complex vulnerabilities which could escape the human eye, as shown in [13]. It also draws from vast vulnerability databases to quickly identify component vulnerabilities, which means the user does not have to search through the databases himself.…”

Section: Reflectionmentioning

confidence: 99%

A logic-based framework for the security analysis of Industrial Control Systems

Lemaire

Vossaert

Jansen

et al. 2017

Aut. Control Comp. Sci.

Self Cite

View full text Add to dashboard Cite

Abstract. Industrial Control Systems (ICS) are used for monitoring and controlling critical infrastructures such as power stations, waste water treatment facilities, traffic lights, and many more. Lately, these systems have become a popular target for cyber attacks. Security is often an afterthought, leaving them vulnerable to all sorts of attacks. This article presents a formal approach for analysing the security of Industrial Control Systems, both during their design phase and while operational. A knowledge-based system is used to analyse a model of the control system and extract system vulnerabilities. The approach has been validated on an ICS in the design phase.

show abstract

“…In the ICS domain, some papers already address the ICS security knowledge. However many of them do not cover the full scope of ICS security assessments (Oates et al, 2013;Schneider, Obermeier and Schlegl, 2015;Lemaire et al, 2015;Lemaire et al, 2014), and others focus on special applications of ICS like smart grids and critical infrastructures (Choraś et al, 2010a; Jarmakiewicz, Maslanka and Parobczak, 2015; Barnett and Crapo, 2011;Koster et al, 2009). Additionally some general papers, dealing with ICS, do not embrace (all) ICS requirements (Bouet and Israel, 2011;Choraś et al, 2010b).…”

Section: Related Workmentioning

confidence: 99%

Ontology and life cycle of knowledge for ICS security assessments

Tebbe¹,

Niemann²,

Fay

2016

Electronic Workshops in Computing

View full text Add to dashboard Cite

Industrial Control Systems (ICS) succumb to an ever evolving variety of threats. Additionally, threats are increasing in number and get more complex. This requires a holistic and up-to-date security concept for ICS as a whole. Usually security concepts are applied and updated based on regularly performed ICS security assessments. Such ICS security assessments require high effort and extensive knowledge about ICS and its security. This is often a problem for small and mediumsized enterprises (SME), which do not have sufficient respective sufficiently skilled human resources. This paper defines in a first step requirements on the knowledge needed to perform an ICS security assessment and the life cycle of this knowledge. Afterwards the ICS security knowledge and its life cycle are developed and discussed considering the requirements and related work.

show abstract

Extracting Vulnerabilities in Industrial Control Systems using a Knowledge-Based System

Cited by 13 publications

References 8 publications

CPS Security Assessment using Automatically Generated Attack Trees

CPS Security Assessment using Automatically Generated Attack Trees

A logic-based framework for the security analysis of Industrial Control Systems

Ontology and life cycle of knowledge for ICS security assessments

Contact Info

Product

Resources

About