Security threats of Internet-reachable ICS

Abe, Shingo; Fujimoto, Mariko; Horata, Shinichi; Uchida, Yukako; Mitsunaga, Takuho

doi:10.1109/sice.2016.7749239

Cited by 21 publications

(4 citation statements)

References 0 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…The latter could therefore become a critical element, since the unavailability of just a single PLC would impede the operators from monitoring or controlling large portions of the water system. On the other hand, increasing the number of PLCs would require to deploy multiple local area networks-as well as network routing to interconnect them-thereby exposing the cyber-physical systems to other vulnerabilities (Abe et al 2016). Finding a reasonable trade-off between costs, vulnerabilities, and operational flexibility is thus a complex task that could be tackled with DHALSIM.…”

Section: Discussionmentioning

confidence: 99%

High-Fidelity Cyber and Physical Simulation of Water Distribution Systems. II: Enabling Cyber-Physical Attack Localization

Murillo

Taormina

Tippenhauer

et al. 2023

J. Water Resour. Plann. Manage.

View full text Add to dashboard Cite

A fundamental problem in the realm of cyber-physical security of smart water networks is attack detection, a key step towards designing adequate countermeasures. This task is typically carried out by algorithms that analyze time series of process data. However, the nature of the data available to develop these algorithms limits their capabilities: by relying on process data only, one cannot distinguish a cyber-attack from the failure of a system's component or identify the root cause of an attack. Here, we show that these limitations can be addressed through the joint analysis of process and network data-with the latter representing the information exchanged between the components constituting the Industrial Control System, such as sensors and Programmable Logic Controllers (PLCs). For this purpose, we utilize a dataset generated by digital hydraulic simulator (DHALSIM)-a numerical modelling platform built on a two-way interaction between EPANET version 2.2 and a network emulation tool-which is extended here to include a framework for launching cyber-physical attacks. This paper presents a dataset with realistic network information of a smart water network under cyber-physical attacks and presents an analysis of how that information can enable the development of better intrusion detection systems that can localize and identify attacks. Through this analysis, the dataset provided here, and the open-source availability of DHALSIM, our work paves the way to a novel class of analytics for actionable detection.

show abstract

Section: Discussionmentioning

confidence: 99%

High-Fidelity Cyber and Physical Simulation of Water Distribution Systems. II: Enabling Cyber-Physical Attack Localization

Murillo

Taormina

Tippenhauer

et al. 2023

J. Water Resour. Plann. Manage.

View full text Add to dashboard Cite

show abstract

“…Finally, it is worth mentioning that there is a specific area on Shodan's webpage for detecting multiple ICSs [67]. In fact, different researchers have previously warned on the existence of numerous ICSs, Supervisory Control and Data Acquisition (SCADA) systems and PLCs exposed on the Internet and that can be easily discovered with Shodan [68][69][70][71][72]. In addition, Shodan has been used for detecting CPSs [73] or smart healthcare devices [74], thus demonstrating that little effort is required to detect critical IIoT devices and exposed Industry 4.0 services.…”

Section: Iiot and Industry 40 Cybersecurity Toolsmentioning

confidence: 99%

Use Case Based Blended Teaching of IIoT Cybersecurity in the Industry 4.0 Era

Fernández‐Caramés

Fraga‐Lamas

2020

Applied Sciences

View full text Add to dashboard Cite

Industry 4.0 and Industrial Internet of Things (IIoT) are paradigms that are driving current industrial revolution by connecting to the Internet industrial machinery, management tools or products so as to control and gather data about them. The problem is that many IIoT/Industry 4.0 devices have been connected to the Internet without considering the implementation of proper security measures, thus existing many examples of misconfigured or weakly protected devices. Securing such systems requires very specific skills, which, unfortunately, are not taught extensively in engineering schools. This article details how Industry 4.0 and IIoT cybersecurity can be learned through practical use cases, making use of a methodology that allows for carrying out audits to students that have no previous experience in IIoT or industrial cybersecurity. The described teaching approach is blended and has been imparted at the University of A Coruña (Spain) during the last years, even during the first semester of 2020, when the university was closed due to the COVID-19 pandemic lockdown. Such an approach is supported by online tools like Shodan, which ease the detection of vulnerable IIoT devices. The feedback results provided by the students show that they consider useful the proposed methodology, which allowed them to find that 13% of the IIoT/Industry 4.0 systems they analyzed could be accessed really easily. In addition, the obtained teaching results indicate that the established course learning outcomes are accomplished. Therefore, this article provides useful guidelines for teaching industrial cybersecurity and thus train the next generation of security researchers and developers.

show abstract

“…The basic functions of ICS involve: sensor measurements, hardware control for actuators (breakers, switches and monitors), humanmachine interfacing and remote diagnostics and maintenance utilities (Cárdenas et al, 2008;Nicholson et al, 2012). The modern ICS and it's development trends enable great business and operational profitability, an inevitable array of security susceptibilities are as well introduced, which threaten the functional reliability of operations in the industrial domain (Abe et al, 2016). Over the past years, records continue to show an alarming increase in cyber threats and attacks against ICSs globally.…”

Section: Introductionmentioning

confidence: 99%

Human factor security: evaluating the cybersecurity capacity of the industrial workforce

Ani

Tiwari

2019

J of Systems and Info Tech

View full text Add to dashboard Cite

Purpose -As cyber-attacks continue to grow, organisations adopting the internet-of-things (IoT) have continued to react to security concerns that threaten their businesses within the current highly competitive environment. Many recorded industrial cyber-attacks have successfully beaten technical security solutions by exploiting humanfactor vulnerabilities related to security knowledge and skills and manipulating human elements into inadvertently conveying access to critical industrial assets. Knowledge and skill capabilities contribute to human analytical proficiencies for enhanced cybersecurity readiness. Thus, a human-factored security endeavour is required to investigate the capabilities of the human constituents (workforce) to appropriately recognise and respond to cyber intrusion events within the industrial control system (ICS) environment.Design/methodology/approach -A quantitative approach (statistical analysis) is adopted to provide an approach to quantify the potential cybersecurity capability aptitudes of industrial human actors, identify the least security-capable workforce in the operational domain with the greatest susceptibility likelihood to cyber-attacks (i.e. weakest link) and guide the enhancement of security assurance. To support these objectives, a Human-factored Cyber Security Capability Evaluation approach is presented using conceptual analysis techniques.Findings -Using a test scenario, the approach demonstrates the capacity to proffer an efficient evaluation of workforce security knowledge and skills capabilities and the identification of weakest link in the workforce.Practical implications -The approach can enable organisations to gain better workforce security perspectives like security-consciousness, alertness and response aptitudes, thus guiding organisations into adopting strategic means of appropriating security remediation outlines, scopes and resources without undue wastes or redundancies.Originality/value -This paper demonstrates originality by providing a framework and computational approach for characterising and quantify human-factor security capabilities based on security knowledge and security skills. It also supports the identification of potential security weakest links amongst an evaluated industrial workforce (human agents), some key security susceptibility areas and relevant control interventions. The model and validation results demonstrate the application of action research. This paper demonstrates originality by illustrating how action research can be applied within socio-technical dimensions to solve recurrent and dynamic problems related to industrial environment cyber security improvement. It provides value by demonstrating how theoretical security knowledge (awareness) and practical security skills can help resolve cyber security response and control uncertainties within industrial organisations.

show abstract

Security threats of Internet-reachable ICS

Cited by 21 publications

References 0 publications

High-Fidelity Cyber and Physical Simulation of Water Distribution Systems. II: Enabling Cyber-Physical Attack Localization

High-Fidelity Cyber and Physical Simulation of Water Distribution Systems. II: Enabling Cyber-Physical Attack Localization

Use Case Based Blended Teaching of IIoT Cybersecurity in the Industry 4.0 Era

Human factor security: evaluating the cybersecurity capacity of the industrial workforce

Contact Info

Product

Resources

About