Industrial Control Systems (ICS) are jeopardized from a large set of threat vectors, which exploit their vulnerabilities in order to impact the physical Critical Infrastructures they control. The Information Technology (IT) classical approach to cyber attacks can not be applied to ICS due to their extreme differences from main priorities to resource constrains. Therefore, innovative approaches and equipment must be developed in order to suit with ICS world. In this paper, a Smart Behavioural Filter (SBF) for the PLCs/RTUs is proposed aiming to secure the PLC/RTU itself against logic attacks, that are stealth for other more classical security approaches. Those logic attacks are usually anomaly behaviours, for instance a large number of open/close commands towards a valve. This smart field equipment can communicate with other equipment like itself in order to react in short time to cyber attacks and increase the resilience of the physical system. It can also generate alarms for the local Intrusion Detection System (IDS) The proposed equipment has been developed and validated in a real test-bed within the FP7 CockpitCI project. The results are promising.

Corbò, G., Foglietta, C., Palazzo, C., & Panzieri, S. (2017). Smart behavioural filter for SCADA network. In Lecture Notes of the Institute for Computer Sciences, Social-Informatics and Telecommunications Engineering, LNICST (pp.101-110). Springer Verlag [10.1007/978-3-319-52569-3_9].

Smart behavioural filter for SCADA network

CORBO' , GIOVANNI;FOGLIETTA, CHIARA;PALAZZO, COSIMO;PANZIERI, Stefano
2017

Abstract

Industrial Control Systems (ICS) are jeopardized from a large set of threat vectors, which exploit their vulnerabilities in order to impact the physical Critical Infrastructures they control. The Information Technology (IT) classical approach to cyber attacks can not be applied to ICS due to their extreme differences from main priorities to resource constrains. Therefore, innovative approaches and equipment must be developed in order to suit with ICS world. In this paper, a Smart Behavioural Filter (SBF) for the PLCs/RTUs is proposed aiming to secure the PLC/RTU itself against logic attacks, that are stealth for other more classical security approaches. Those logic attacks are usually anomaly behaviours, for instance a large number of open/close commands towards a valve. This smart field equipment can communicate with other equipment like itself in order to react in short time to cyber attacks and increase the resilience of the physical system. It can also generate alarms for the local Intrusion Detection System (IDS) The proposed equipment has been developed and validated in a real test-bed within the FP7 CockpitCI project. The results are promising.
9783319525686
File in questo prodotto:
Non ci sono file associati a questo prodotto.

I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.

Utilizza questo identificativo per citare o creare un link a questo documento: http://hdl.handle.net/11590/315740
Citazioni
  • ???jsp.display-item.citation.pmc??? ND
  • Scopus 1
  • ???jsp.display-item.citation.isi??? 0
social impact