research-article

Cybersecurity in industrial control systems: : Issues, technologies, and challenges

Authors:

Muhammad Rizwan Asghar,

Sherali ZeadallyAuthors Info & Claims

Volume 165, Issue C

https://doi.org/10.1016/j.comnet.2019.106946

Published: 24 December 2019 Publication History

Abstract

Industrial Control Systems (ICSs) play an important role in today’s industry by providing process automation, distributed control, and process monitoring. ICS was designed to be used in an isolated area or connected to other systems via specialised communication mechanisms or protocols. This setup allows manufacturers to manage their production processes with great flexibility and safety. However, this design does not meet today’s business requirements to work with state-of-the-art technologies such as Internet-of-Things (IoT) and big data analytics. In order to fulfil industry requirements, many ICSs have been connected to enterprise networks that allow business users to access real-time data generated by power plants. At the same time, this new design opens up several cybersecurity challenges for ICSs.

We review possible cyber attacks on ICSs, identify typical threats and vulnerabilities, and we discuss unresolved security issues with existing ICS cybersecurity solutions. Then, we discuss how to secure ICSs (e.g., using risk assessment methodologies) and other protection measures. We also identify open security research challenges for ICSs, and we present a classification of existing security solutions along with their strengths and weaknesses. Finally, we provide future research directions in ICS security.

References

[1]

U.P.D. Ani, H. He, A. Tiwari, Review of cybersecurity issues in industrial critical infrastructure: Manufacturing in perspective, Journal of Cyber Security Technology 1 (1) (2017) 32–74.

[2]

E. Byres, J. Lowe, The myths and facts behind cyber security risks for industrial control systems, Proceedings of the VDE Kongress, 116, 2004, pp. 213–218.

[3]

M. Cheminod, I. Bertolotti, L. Durante, P. Maggi, D. Pozza, R. Sisto, A. Valenzano, Detecting chains of vulnerabilities in industrial networks, Industrial Informatics, IEEE Transactions on 5 (2) (2009) 181–193.

[4]

J. Leyden, Polish teen derails tram after hacking train network, The Register 11 (2008).

[5]

R. Langner, Stuxnet: Dissecting a cyberwarfare weapon, Security Privacy, IEEE 9 (3) (2011) 49–51.

[6]

D.U. Case, Analysis of the cyber attack on the ukrainian power grid, Electricity Information Sharing and Analysis Center (EISAC) (2016).

[7]

R. Walters, Cyber attacks on us companies in 2014, The Heritage Foundation 4289 (2014) 1–5.

[8]

L. Bonner, Cyber risk: How the 2011 sony data breach and the need for cyber risk insurance policies should direct the federal response to rising data breaches, Wash. UJL & Pol’y 40 (2012) 257.

[9]

J. Jansen, R. Leukfeldt, Phishing and malware attacks on online banking customers in the netherlands: A qualitative analysis of factors leading to victimization, International Journal of Cyber Criminology 10 (1) (2016) 79.

[10]

M. Fabro, T. Nelson, Control systems cyber security: Defense-in-depth strategies, 2007,

[11]

J. Falco, K. Stouffer, A. Wavering, F. Proctor, IT security for industrial control systems, 2002.

[12]

I.C. Bertolotti, L. Durante, T. Hu, A. Valenzano, A model for the analysis of security policies in industrial networks, Proceedings of the 1st International Symposium on ICS & SCADA Cyber Security Research 2013, ICS-CSR 2013, BCS, UK, 2013, pp. 66–77.

[13]

M. Cheminod, L. Durante, L. Seno, A. Valenzano, On the description of access control policies in networked industrial systems, Factory Communication Systems (WFCS), 2014 10th IEEE Workshop on, 2014, pp. 1–10.

[14]

R. Chakravarthy, C. Hauser, D.E. Bakken, Long-lived authentication protocols for process control systems, International Journal of Critical Infrastructure Protection 3 (3–4) (2010) 174–181.

[15]

J. Stamp, J. Dillinger, W. Young, J. DePoy, Common vulnerabilities in critical infrastructure control systems, SAND2003-1772C. Sandia National Laboratories (2003).

[16]

E. Yalcinkaya, A. Maffei, M. Onori, Application of attribute based access control model for industrial control systems, International Journal of Computer Network and Information Security 9 (2) (2017) 12.

[17]

Y. Xu, Y. Yang, T. Li, J. Ju, Q. Wang, Review on cyber vulnerabilities of communication protocols in industrial control systems, Energy Internet and Energy System Integration (EI2), 2017 IEEE Conference on, IEEE, 2017, pp. 1–6.

[18]

A. Dolgikh, T. Nykodym, V. Skormin, J. Antonakos, M. Baimukhamedov, Colored petri nets as the enabling technology in intrusion detection systems, MILITARY COMMUNICATIONS CONFERENCE, 2011 - MILCOM 2011, 2011, pp. 1297–1301.

[19]

R.A. Kisner, W.W. Manges, L.P. MacIntyre, J.J. Nutaro, J. Munro, P.D. Ewing, M. Howlader, P.T. Kuruganti, R.M. Wallace, M.M. Olama, Cybersecurity through real-time distributed control systems, Oak Ridge National Laboratory, Technical Report ORNL/TM-2010/30 (2010).

[20]

L. Lemaire, J. Lapon, B. De Decker, V. Naessens, A SysML extension for security analysis of industrial control systems, Proceedings of the 2Nd International Symposium on ICS & SCADA Cyber Security Research 2014, ICS-CSR 2014, BCS, UK, 2014, pp. 1–9.

[21]

T. Vollmer, M. Manic, Cyber-physical system security with deceptive virtual hosts for industrial control networks, Industrial Informatics, IEEE Transactions on 10 (2) (2014) 1337–1347.

[22]

K. Stouffer, J. Falco, K. Scarfone, Guide to industrial control systems (ICS) security, NIST special publication 800 (82) (2011).

[23]

V.M. Igure, S.A. Laughter, R.D. Williams, Security issues in scada networks, computers & security 25 (7) (2006) 498–506.

[24]

F.-L. Lian, J. Moyne, D. Tilbury, Network design consideration for distributed control systems, IEEE Transactions on Control Systems Technology 10 (2) (2002) 297–307.

[25]

C. Alcaraz, S. Zeadally, Critical control system protection in the 21st century, Computer 46 (10) (2013) 74–83.

[26]

W. Schwab, M. Poujol, The state of industrial cybersecuity 2018, Trend Study Kaspersky Reports (2018) 33.

[27]

J. Leyden, Water treatment plant hacked, chemical mix changed for tap supplies, 2016, Last accessed: Aug 18, 2019 https://www.theregister.co.uk/2016/03/24/water_utility_hacked/.

[28]

A.A. Cárdenas, S. Amin, S. Sastry, Research Challenges for the Security of Control Systems, Usenix, 2008.

[29]

NERC, North american electric reliability corporation (nerc) standards, 2019, Last accessed: May 2, 2019 https://www.nerc.com/pa/Stand/Pages/default.aspx.

[30]

NIST, Nist publishes final guidelines for protecting sensitive government information held by contractors, 2015, Last accessed: May 2, 2019 https://www.nist.gov/news-events/news/2015/06/nist-publishes-final-guidelines-protecting-sensitive-government-information.

[31]

J. Slay, M. Miller, Lessons learned from the maroochy water breach, International Conference on Critical Infrastructure Protection, Springer, 2007, pp. 73–82.

[32]

M. Cheminod, L. Durante, A. Valenzano, Review of security issues in industrial networks, Industrial Informatics, IEEE Transactions on 9 (1) (2013) 277–293.

[33]

Y.Y. Haimes, Hierarchical holographic modeling, IEEE Transactions on Systems, Man, and Cybernetics 11 (9) (1981) 606–617.

[34]

D.J. Leversage, E.J. Byres, Estimating a system’s mean time-to-compromise, IEEE Security & Privacy 6 (1) (2008) 52–60.

Digital Library

[35]

K.G. Crowther, Y.Y. Haimes, Application of the Inoperability Input–output Model (IIM) for systemic risk assessment and management of interdependent infrastructures, Systems Engineering 8 (4) (2005) 323–341.

[36]

R. Setola, S. De Porcellinis, M. Sforna, Critical infrastructure dependency assessment using the input–output inoperability model, International Journal of Critical Infrastructure Protection 2 (4) (2009) 170–178.

[37]

E.J. Henley, H. Kumamoto, Probabilistic risk assessment and management for engineers and scientists, IEEE Press (2nd Edition) (1996).

[38]

M. Stamatelatos, H. Dezfuli, G. Apostolakis, C. Everline, S. Guarro, D. Mathias, A. Mosleh, T. Paulos, D. Riha, C. Smith, et al., Probabilistic risk assessment procedures guide for NASA managers and practitioners, NASA Technical Reports Server (2011).

[39]

D. Syed, T.-H. Chang, D. Svetinovic, T. Rahwan, Z. Aung, Security for complex cyber-physical and industrial control systems: Current trends, limitations, and challenges, Pacific Asia Conference on Information Systems (2017).

[40]

H. Deng, A. Mukherjee, D.P. Agrawal, Threshold and identity-based key management and authentication for wireless ad hoc networks, Information Technology: Coding and Computing, 2004. Proceedings. ITCC 2004. International Conference on, 1, IEEE, 2004, pp. 107–111.

[41]

A.-R. Sadeghi, C. Wachsmann, M. Waidner, Security and privacy challenges in industrial Internet of Things, Proceedings of the 52nd annual design automation conference, ACM, 2015, p. 54.

[42]

K. Poulsen, Slammer worm crashed Ohio nuke plant network, 2003, Last accessed: May 2, 2019 https://www.securityfocus.com/news/6767.

[43]

W. Knowles, D. Prince, D. Hutchison, J.F.P. Disso, K. Jones, A survey of cyber security management in industrial control systems, International Journal of Critical Infrastructure Protection 9 (2015) 52–80.

[44]

E. Chew, M.M. Swanson, K.M. Stine, N. Bartol, A. Brown, W. Robinson, Performance measurement guide for information security, National Institute of Standards and Technology Special Publications (2008).

[45]

M. Stoddard, D. Bodeau, R. Carlson, C. Glantz, Y. Haimes, C. Lian, J. Santos, J. Shaw, Process control system security metrics–state of practice, I3P Institute for Information Infrastructure Protection Research Report 1 (2005).

[46]

M. Krotofil, D. Gollmann, Industrial control systems security: What is happening?, Industrial Informatics (INDIN), 2013 11th IEEE International Conference on, 2013, pp. 670–675.

[47]

R. Leszczyna, Approaching secure industrial control systems, Information Security, IET 9 (1) (2015) 81–89.

[48]

A. Zimba, Z. Wang, H. Chen, Multi-stage crypto ransomware attacks: A new emerging cyber threat to critical infrastructure and industrial control systems, ICT Express (2018).

[49]

P. Auerswald, L. Branscomb, S. Shirk, M. Kleeman, T. Porte, R. Ellis, Critical infrastructure and control systems security curriculum, Department of Homeland Security, version 1 (73) (2008) 0–73.

[50]

F. Salvadori, M. de Campos, P. Sausen, R. de Camargo, C. Gehrke, C. Rech, M. Spohn, A. Oliveira, Monitoring in industrial systems using wireless sensor network with dynamic power management, Instrumentation and Measurement, IEEE Transactions on 58 (9) (2009) 3104–3111.

[51]

H.L. Gawand, A. Bhattacharjee, K. Roy, Online monitoring of a cyber physical system against control aware cyber attacks, Procedia Computer Science 70 (2015) 238–244.

[52]

T. Cruz, J. Barrigas, J. Proenca, A. Graziano, S. Panzieri, L. Lev, P. Simoes, Improving network security monitoring for industrial control systems, Integrated Network Management (IM), 2015 IFIP/IEEE International Symposium on, 2015, pp. 878–881.

[53]

S. Sridhar, M. Govindarasu, Model-based attack detection and mitigation for automatic generation control, IEEE Transactions on Smart Grid 5 (2) (2014) 580–591.

[54]

Z. Drias, A. Serhrouchni, O. Vogel, Taxonomy of attacks on industrial control protocols, Protocol Engineering (ICPE) and International Conference on New Technologies of Distributed Systems (NTDS), 2015 International Conference on, 2015, pp. 1–6.

[55]

T.H. Morris, W. Gao, Industrial control system cyber attacks, Proceedings of the 1st International Symposium on ICS & SCADA Cyber Security Research 2013, ICS-CSR 2013, BCS, UK, 2013, pp. 22–29.

[56]

Y.-L. Huang, A.A. Cárdenas, S. Amin, Z.-S. Lin, H.-Y. Tsai, S. Sastry, Understanding the physical and economic consequences of attacks on control systems, International Journal of Critical Infrastructure Protection 2 (3) (2009) 73–83.

[57]

T. Fleury, H. Khurana, V. Welch, Towards a taxonomy of attacks against energy control systems, Critical Infrastructure Protection, Springer, 2008, pp. 71–85.

[58]

U. Tupakula, V. Varadharajan, Techniques for detecting attacks on critical infrastructure, Computing, Networking and Communications (ICNC), 2014 International Conference on, 2014, pp. 48–52.

[59]

E.N. Yılmaz, S. Gönen, Attack detection/prevention system against cyber attack in industrial control systems, Computers & Security 77 (2018) 94–105.

[60]

K. Fenrich, Securing your control system, 50th Annual ISA. POWID Symposium/17th ISA POWID/EPRI Controls & Instrumentation Conference, 2007, p. 11.

[61]

O.A. Harshe, Preemptive Detection of Cyber Attacks on Industrial Control Systems, Virginia Tech, 2015, Ph.D. thesis.

[62]

M. Sainz, M. Iturbe, I. Garitano, U. Zurutuza, Software defined networking opportunities for intelligent security enhancement of industrial control systems, International Joint Conference SOCO’17-CISIS’17-ICEUTE’17 León, Spain, September 6–8, 2017, Proceeding, Springer, 2017, pp. 577–586.

[63]

A.F.M. Piedrahita, V. Gaur, J. Giraldo, A.A. Cardenas, S.J. Rueda, Leveraging software-defined networking for incident response in industrial control systems, IEEE Software 35 (1) (2018) 44–50.

[64]

S. Manson, D. Anderson, Practical cybersecurity for protection and control system communications networks, Petroleum and Chemical Industry Technical Conference (PCIC), 2017, IEEE, 2017, pp. 195–204.

[65]

C. Zhou, S. Huang, N. Xiong, S.-H. Yang, H. Li, Y. Qin, X. Li, Design and analysis of multimodel-based anomaly intrusion detection systems in industrial process automation, Systems, Man, and Cybernetics: Systems, IEEE Transactions on 45 (10) (2015) 1345–1360.

[66]

C.-T. Lin, S.-L. Wu, M.-L. Lee, Cyber attack and defense on industry control systems, Dependable and Secure Computing, 2017 IEEE Conference on, IEEE, 2017, pp. 524–526.

[67]

Q. Lin, S. Adepu, S. Verwer, A. Mathur, TABOR: A graphical model-based approach for anomaly detection in industrial control systems, Asia Conference on Computer and Communications Security (2018).

[68]

D. Robinson, C. Kim, A cyber-defensive industrial control system with redundancy and intrusion detection, Power Symposium (NAPS), 2017 North American, IEEE, 2017, pp. 1–6.

[69]

R. Nair, C. Nayak, L. Watkins, K.D. Fairbanks, K. Memon, P. Wang, W.H. Robinson, The resource usage viewpoint of industrial control system security: An inference-based intrusion detection system, Cybersecurity for Industry 4.0, Springer, 2017, pp. 195–223.

[70]

B. Green, D. Prince, U. Roedig, J. Busby, D. Hutchison, Socio-technical security analysis of Industrial Control Systems (ICS), Proceedings of the 2Nd International Symposium on ICS & SCADA Cyber Security Research 2014, ICS-CSR 2014, BCS, UK, 2014, pp. 10–14.

[71]

B. Green, D. Prince, J. Busby, D. Hutchison, The impact of social engineering on industrial control system security, Proceedings of the First ACM Workshop on Cyber-Physical Systems-Security and/or PrivaCy, CPS-SPC ’15, ACM, New York, NY, USA, 2015, pp. 23–29.

[72]

M.A. McQueen, W.F. Boyer, M.A. Flynn, G.A. Beitel, Time-to-compromise model for cyber risk reduction estimation, Quality of Protection, Springer, 2006, pp. 49–64.

[73]

T. Vollmer, M. Manic, O. Linda, Autonomic intelligent cyber-sensor to support industrial control network awareness, Industrial Informatics, IEEE Transactions on 10 (2) (2014) 1647–1658.

[74]

W. Knowles, J.M. Such, A. Gouglidis, G. Misra, A. Rashid, Assurance techniques for Industrial Control Systems (ICS), Proceedings of the First ACM Workshop on Cyber-Physical Systems-Security and/or PrivaCy, CPS-SPC ’15, ACM, New York, NY, USA, 2015, pp. 101–112.

[75]

B. Green, D.D.C. Prince, J.S. Busby, D. Hutchison, How long is a piece of string: Defining key phases and observed challenges within ICS risk assessment, Workshop on Cyber-Physical Systems Security and Privacy (2017).

[76]

Q. Zhang, C. Zhou, Y.-C. Tian, N. Xiong, Y. Qin, B. Hu, A fuzzy probability bayesian network approach for dynamic cybersecurity risk assessment in industrial control systems, IEEE Transactions on Industrial Informatics 14 (6) (2018) 2497–2506.

[77]

W. Boyer, M. McQueen, Critical information infrastructures security: Second international workshop, critis 2007, málaga, spain, october 3-5, 2007. revised papers, in: J. Lopez, B.M. Hämmerli (Eds.), Critical Information Infrastructures Security: Second International Workshop, CRITIS 2007, Málaga, Spain, October 3-5, 2007. Revised Papers, Springer Berlin Heidelberg, Berlin, Heidelberg, 2008, pp. 246–260.

[78]

F. Bustamante, W. Fuertes, P. Díaz, T. Toulkeridis, Integration of it frameworks for the management of information security within industrial control systems providing metrics and indicators, 2017 IEEE XXIV International Conference on Electronics, Electrical Engineering and Computing (INTERCON), IEEE, 2017, pp. 1–4.

[79]

S. COBIT, A business framework for the governance and management of enterprise IT, Rolling Meadows (2012).

[80]

K.H. Rose, A guide to the Project Management Body of Knowledge (PMBOK® guide) - fifth edition, Project management journal 44 (3) (2013).

[81]

A. Cohen, Cyber (in) security: Decision-making dynamics when moving out of your comfort zone, The Cyber Defense Review 2 (1) (2017) 45–60.

[82]

C. Gonzalez, N. Ben-Asher, D. Morrison, Dynamics of decision making in cyber defense: Using multi-agent cognitive modeling to understand cyberwar, Theory and Models for Cyber Situation Awareness, Springer, 2017, pp. 113–127.

[83]

C. Zhong, H. Liu, A. Alnusair, Leveraging decision making in cyber security analysis through data cleaning, Southwestern Business Administration Journal 16 (1) (2017) 1.

[84]

H.J. Wall, L.K. Kaye, Online decision making: Online influence and implications for cyber security, Psychological and Behavioral Examinations in Cyber Security, IGI Global, 2018, pp. 1–25.

[85]

Y. Qin, Q. Zhang, C. Zhou, N. Xiong, A risk-based dynamic decision-making approach for cybersecurity protection in industrial control systems, IEEE Transactions on Systems, Man, and Cybernetics: Systems 99 (2018) 1–8.

[86]

Z. Franklin, C. Patterson, L. Lerner, R. Prado, Isolating trust in an industrial control system-on-chip architecture, Resilient Control Systems (ISRCS), 2014 7th International Symposium on, 2014, pp. 1–6.

[87]

C. Schuett, J. Butts, S. Dunlap, An evaluation of modification attacks on programmable logic controllers, International Journal of Critical Infrastructure Protection 7 (1) (2014) 61–68.

[88]

M. Majdalawieh, F. Parisi-Presicce, D. Wijesekera, DNPSec: Distributed Network Protocol version 3 (DNP3) security framework, Advances in Computer, Information, and Systems Sciences, and Engineering, Springer, 2007, pp. 227–234.

[89]

I. Modbus, Modbus messaging on TCP, IP Implementation Guide v1.0a, North Grafton, Massachusetts (2004).

[90]

B. Genge, F. Graur, P. Haller, Experimental assessment of network design approaches for protecting industrial control systems, International Journal of Critical Infrastructure Protection 11 (2015) 24–38.

Digital Library

[91]

B. Genge, C. Siaterlis, I.N. Fovino, M. Masera, A cyber-physical experimentation environment for the security analysis of networked industrial control systems, Computers & Electrical Engineering 38 (5) (2012) 1146–1161.

[92]

C.-K. Q. Nguyen, Industrial control systems (ICS) & Supervisory Control & Data Acquisition (SCADA) cybersecurity of power grid systems: Simulation/modeling/cyber defense using open source and virtualization, 2014,

[93]

B. Reaves, T. Morris, An open virtual testbed for industrial control system security research, International Journal of Information Security 11 (4) (2012) 215–229.

[94]

Q. Tao, M. Jiang, X. Wang, B. Deng, A cloud-based experimental platform for networked industrial control systems, International Journal of Modeling, Simulation, and Scientific Computing (2017) 1850024.

[95]

B. Green, S.A.F. Frey, A. Rashid, D. Hutchison, Testbed diversity as a fundamental principle for effective ICS security research, SERECIN (2016).

[96]

R.B. Vaughn Jr, T. Morris, Addressing critical industrial control system cyber security concerns via high fidelity simulation, Proceedings of the 11th Annual Cyber and Information Security Research Conference, ACM, 2016, p. 12.

[97]

E.-M. Kalogeraki, N. Polemi, S. Papastergiou, T. Panayiotopoulos, Modeling SCADA attacks, Smart Trends in Systems, Security and Sustainability, Springer, 2018, pp. 47–55.

[98]

B. Green, A.T. Le, R. Antrobus, U. Roedig, D. Hutchison, A. Rashid, Pains, gains and PLCs: Ten lessons from building an industrial control systems testbed for security research, 17th Workshop on Cyber Security Experimentation and Test (2017).

[99]

D. Walker, Utility IT executives expect breach of critical SCADA systems, Pipeline & gas journal 233 (2) (2006) 24–27.

[100]

M. Brandle, M. Naedele, Security for process control systems: An overview, IEEE Security & Privacy 6 (6) (2008) 24–29.

[101]

T.O. Foundation, What is opc?, 2019, Last accessed: May 2, 2019 https://opcfoundation.org/about/what-is-opc.

[102]

T. Macaulay, B.L. Singer, Cybersecurity for industrial control systems: SCADA, DCS, PLC, HMI, and SIS, Auerbach Publications, 2016.

[103]

G. Kabasele Ndonda, R. Sadre, A two-level intrusion detection system for industrial control system networks using P4, ICS-CSR 2018, 2018, p. 11.

[104]

A.F.M. Piedrahita, V. Gaur, J. Giraldo, A.A. Cardenas, S.J. Rueda, Leveraging software-defined networking for incident response in industrial control systems, IEEE Software 35 (1) (2018) 44–50.

[105]

Q. Hu, M.R. Asghar, N. Brownlee, Evaluating network intrusion detection systems for high-speed networks, Telecommunication Networks and Applications Conference (ITNAC), 2017 27th International, IEEE, 2017, pp. 1–6.

[106]

C. Alcaraz, S. Zeadally, Critical infrastructure protection: Requirements and challenges for the 21st century, International journal of critical infrastructure protection 8 (2015) 53–66.

Cited By

Xiang JZhang XZheng QDeng LZhao DZhou J(2024)CIDF:Combined Intrusion Detection Framework in Industrial Control Systems based on Packet Signature and Enhanced FSFDPProceedings of the 15th Asia-Pacific Symposium on Internetware10.1145/3671016.3674812(417-426)Online publication date: 24-Jul-2024
https://dl.acm.org/doi/10.1145/3671016.3674812
Lan BYu S(2024)Detecting Cyber Attacks in Industrial Control Systems Using Duration-aware Representation LearningProceedings of the 2024 10th International Conference on Computing and Artificial Intelligence10.1145/3669754.3669812(379-386)Online publication date: 26-Apr-2024
https://dl.acm.org/doi/10.1145/3669754.3669812
Feng JYan RHan GZhang W(2024)BDPMFuture Generation Computer Systems10.1016/j.future.2024.03.030157:C(193-209)Online publication date: 18-Jul-2024
https://dl.acm.org/doi/10.1016/j.future.2024.03.030
Show More Cited By

Index Terms

Cybersecurity in industrial control systems: Issues, technologies, and challenges

Index terms have been assigned to the content through auto-classification.

Recommendations

Cybersecurity for industrial control systems: A survey
Abstract
Industrial Control System (ICS) is a general term that includes supervisory control & data acquisition (SCADA) systems, distributed control systems (DCS), and other control system configurations such as programmable logic controllers (...
Industrial Control System Cyber Attacks
ICS-CSR 2013: Proceedings of the 1st International Symposium on ICS & SCADA Cyber Security Research 2013

This paper presents a set of attacks against SCADA control systems. The attacks are grouped into 4 classes; reconnaissance, response and measurement injection, command injection and denial of service. The 4 classes are defined and each attack is ...
HoneyICS: A High-interaction Physics-aware Honeynet for Industrial Control Systems
ARES '23: Proceedings of the 18th International Conference on Availability, Reliability and Security

Industrial control systems (ICSs) are vulnerable to cyber-physical attacks, i.e., security breaches in cyberspace that adversely affect the underlying physical processes. In this context, honeypots are effective countermeasures both to defend against ...

Comments

Information & Contributors

Information

Published In

cover image Computer Networks: The International Journal of Computer and Telecommunications Networking

Computer Networks: The International Journal of Computer and Telecommunications Networking Volume 165, Issue C

Dec 2019

247 pages

ISSN:1389-1286

Issue’s Table of Contents

Elsevier B.V.

Publisher

Elsevier North-Holland, Inc.

United States

Publication History

Published: 24 December 2019

Author Tags

Qualifiers

Research-article

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

17
Total Citations
View Citations
0
Total Downloads

Downloads (Last 12 months)0
Downloads (Last 6 weeks)0

Reflects downloads up to 13 Nov 2024

Other Metrics

View Author Metrics

Citations

Cited By

Xiang JZhang XZheng QDeng LZhao DZhou J(2024)CIDF:Combined Intrusion Detection Framework in Industrial Control Systems based on Packet Signature and Enhanced FSFDPProceedings of the 15th Asia-Pacific Symposium on Internetware10.1145/3671016.3674812(417-426)Online publication date: 24-Jul-2024
https://dl.acm.org/doi/10.1145/3671016.3674812
Lan BYu S(2024)Detecting Cyber Attacks in Industrial Control Systems Using Duration-aware Representation LearningProceedings of the 2024 10th International Conference on Computing and Artificial Intelligence10.1145/3669754.3669812(379-386)Online publication date: 26-Apr-2024
https://dl.acm.org/doi/10.1145/3669754.3669812
Feng JYan RHan GZhang W(2024)BDPMFuture Generation Computer Systems10.1016/j.future.2024.03.030157:C(193-209)Online publication date: 18-Jul-2024
https://dl.acm.org/doi/10.1016/j.future.2024.03.030
Pittalà GRinieri LAl Sadi ADavoli GMelis APrandini MCerroni W(2024)Leveraging Data Plane Programmability to enhance service orchestration at the edgeComputer Networks: The International Journal of Computer and Telecommunications Networking10.1016/j.comnet.2024.110397246:COnline publication date: 1-Jun-2024
https://dl.acm.org/doi/10.1016/j.comnet.2024.110397
Krishnaveni SChen TSathiyanarayanan MAmutha B(2024)CyberDefender: an integrated intelligent defense framework for digital-twin-based industrial cyber-physical systemsCluster Computing10.1007/s10586-024-04320-x27:6(7273-7306)Online publication date: 1-Sep-2024
https://dl.acm.org/doi/10.1007/s10586-024-04320-x
L(y)u SWang KWei YLiu HFan QWang B(2023)GNN-based Advanced Feature Integration for ICS Anomaly DetectionACM Transactions on Intelligent Systems and Technology10.1145/362067614:6(1-32)Online publication date: 14-Nov-2023
https://dl.acm.org/doi/10.1145/3620676
Hong AMalinovsky PDamodaran S(2023)Towards Attack Detection in Multimodal Cyber-Physical Systems with Sticky HDP-HMM based Time Series AnalysisDigital Threats: Research and Practice10.1145/36044345:1(1-21)Online publication date: 17-Jun-2023
https://dl.acm.org/doi/10.1145/3604434
Liang QZhao SZhang JDeng H(2023)Unsupervised BLSTM-Based Electricity Theft Detection with Training Data ContaminatedACM Transactions on Cyber-Physical Systems10.1145/36044328:1(1-20)Online publication date: 15-Sep-2023
https://dl.acm.org/doi/10.1145/3604432
Ahmed ULin JSrivastava G(2023)Exploring the Potential of Cyber Manufacturing System in the Digital AgeACM Transactions on Internet Technology10.1145/359660223:4(1-38)Online publication date: 17-Nov-2023
https://dl.acm.org/doi/10.1145/3596602
Hammi BZeadally SNebhen J(2023)Security Threats, Countermeasures, and Challenges of Digital Supply ChainsACM Computing Surveys10.1145/358899955:14s(1-40)Online publication date: 22-Mar-2023
https://dl.acm.org/doi/10.1145/3588999
Show More Cited By

View Options

View options

Get Access

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

Media

Figures

Other

Tables

View Issue’s Table of Contents