Robust Control System Networks: How to Achieve Reliable Control After Stuxnet

Langner, Ralph R.

doi:10.5643/9781606503027

Cited by 11 publications

(11 citation statements)

References 0 publications

Supporting

Mentioning

Contrasting

Unclassified

Order By: Relevance

“…The overall safety jointly relies on data monitoring (30%) and control availability (70%) . We make this particular configuration to reflect the common requirement of ICS that system availability generally outweighs the other aspects [12]. In the Fig.2(a), we use dashed lines to indicate the impact of deploying c 1 against w 1 at the target T 1 and T 2 .…”

Section: Case Study Settingsmentioning

confidence: 99%

Effective Defence Against Zero-Day Exploits Using Bayesian Networks

Hankin

2017

Critical Information Infrastructures Security

View full text Add to dashboard Cite

Abstract. Industrial Control Systems (ICS) play a crucial role in controlling industrial processes. Unlike conventional IT systems or networks, cyber attacks against ICS can cause destructive physical damage. Zero-day exploits (i.e. unknown exploits) have demonstrated their essential contributions to causing such damage by Stuxnet. In this work, we investigate the possibility of improving the tolerance of a system against zero-day attacks by defending against known weaknesses of the system. We first propose a metric to measure the system tolerance against zero-day attacks, which is the minimum effort required by zero-day exploits to compromise a system. We then apply this metric to evaluate different defensive plans to decide the most effective one in maximising the system tolerance against zero-day attacks. A case study about ICS security management is demonstrated in this paper.

show abstract

Section: Case Study Settingsmentioning

confidence: 99%

Effective Defence Against Zero-Day Exploits Using Bayesian Networks

Hankin

2017

Critical Information Infrastructures Security

View full text Add to dashboard Cite

show abstract

“…Por sua vez, parte significativa dessas infraestruturas é baseada no funcionamento de sistemas de controle industriais [8,9], que tendem a convergir cada vez mais para uma estrutura de controle e integração com a Internet.…”

Section: Vulnerabilidadesunclassified

“…Uma equipe multifuncional de engenheiros de controle, operadores de sistemas de controle e os profissionais de segurança de TI precisam trabalhar em estreita colaboração para entender as possíveis implicações da instalação, operação e manutenção de soluções de segurança em conjunto com a operação do sistema de controle [8]. Por sua vez, os profissionais de TI que trabalham com SCIs precisam entender a dimensão dos impactos de confiabilidade das tecnologias de segurança da informação antes da implantação, sob pena de funcionamento inadequado dos sistemas operacionais e aplicativos submetidos ao SCI [8,9].…”

Section: Vulnerabilidadesunclassified

A methodology for evaluation of energy critical infrastructures against cyber attacks

Leite

Araújo

Paumgartten

2015

2015 10th Iberian Conference on Information Systems and Technologies (CISTI)

View full text Add to dashboard Cite

Resumo -As infraestruturas críticas desempenham funções importantes na sociedade atual. Serviços de telecomunicações, de fornecimento de água e energia elétrica, são exemplos destas infraestruturas. A interdependência estabelecida entre elas, expõe a sociedade a ameaças de segurança. Para protegê-las, os provedores destes serviços necessitam manter os objetivos de segurança para suas redes de comunicação de dados. Os sistemas de Supervisão Controle e Aquisição de Dados (SCADA) constituem uma parte importante da infraestrutura crítica do Sistema Elétrico de Potência. Suas redes de comunicação de dados são potencialmente vulneráveis a ataques cibernéticos, necessitando de proteção contra uma variedade de ameaças. Este artigo tem o propósito de apresentar uma metodologia para identificar os riscos e a maturidade da organização quanto aos processos de segurança da informação e a implementação de um plano de continuidade de negócios com foco na segurança da informação em Infraestruturas Críticas do Sistema Elétrico de Potência contra ameaças que podem afetar seu ambiente tecnológico.Abstract -Nowadays, Critical Infrastructure plays a fundamental role in our modern society. Telecommunication services, water and electricity supply are examples of such infrastructures. They expose the society to security threats. To safeguard against these threats, providers of Critical Infrastructure services also need to maintain the security objectives of their interdependent data networks. The Supervisory and Control Data Acquisition (SCADA) systems are an important part of the Electric Power System Critical Infrastructure. They require protection from a variety of threats and their networks are potentially vulnerable to cyber-attacks. This paper presents a methodology to identify the risks and the maturity of the organization in relation to the information security processes and the implementation of a business continuity plan focusing on the information security at Electric Power System Critical Infrastructure against threats that can affect their technological environment. Keywords -Cyber Defence, Network Security, Electric Power Systems I. INTRODUÇÃOConsideram-se Infraestruturas Críticas (IEC) as instalações, serviços, bens e sistemas, cuja interrupção ou destruição, total ou parcial, provocará sério impacto social, ambiental, econômico, político e internacional ou à segurança do Estado e da sociedade, exigindo de medidas especiais de proteção. São seis as áreas nas quais o Estado Brasileiro reconhece a existência de infraestruturas críticas e a proposição de ações para sua proteção ou segurança: energia, telecomunicações, transportes, águas, finanças e informação. Sua operação de modo contínuo e confiável, com uso cada vez maior de Tecnologias da Informação (TI), tem tornado essas infraestruturas críticas cada vez mais complexas e interdependentes. As vulnerabilidades e ameaças a elas representam um risco à segurança da sociedade[1].

show abstract

“…Rather than addressing broader types of consequences of cyber attacks, we focus on the ones which can sabotage the operational aspects of ICS. This motivation exactly aligns with the need of integrating security and safety analysis for ICS, because in terms of the traditional goals of security, the integrity and confidentiality are less important than availability in this case (Langer 2012).…”

Section: Introductionmentioning

confidence: 99%

A Model-based Approach to Interdependency between Safety and Security in ICS

Hankin

2015

Electronic Workshops in Computing

View full text Add to dashboard Cite

Wide use of modern ICT technologies brings not only communication efficiency, but also security vulnerabilities into industrial control systems. Traditional physically-isolated systems are now required to take cyber security into consideration, which might also lead to system failures. However, integrating security and safety analysis has always been a challenging issue and the various interdependencies between them make it even more difficult, because they might mutually enhance, or undermine. The paper proposes an integrating framework to (i) formalise the desired and undesired properties to be safe(unsafe) or secure(insecure), including the dependencies between them, (ii) evaluate if a query state reaches a safe(unsafe) or secure(insecure) state, and further quantify how safe or secure the state is. In this way, we can accurately capture the benign and harmful relations between safety and security, particularly detecting and measuring conflicting impacts on them. Finally, this framework is implemented by answer set programming to enable automatic evaluation, which is demonstrated by a case study on pipeline transportation.

show abstract

Robust Control System Networks: How to Achieve Reliable Control After Stuxnet

Cited by 11 publications

References 0 publications

Effective Defence Against Zero-Day Exploits Using Bayesian Networks

Effective Defence Against Zero-Day Exploits Using Bayesian Networks

A methodology for evaluation of energy critical infrastructures against cyber attacks

A Model-based Approach to Interdependency between Safety and Security in ICS

Contact Info

Product

Resources

About