Blog
About

231
views
0
recommends
+1 Recommend
1 collections
    8
    shares
      • Record: found
      • Abstract: found
      • Conference Proceedings: found
      Is Open Access

      Extracting Vulnerabilities in Industrial Control Systems using a Knowledge-Based System

      , , ,

      3rd International Symposium for ICS & SCADA Cyber Security Research 2015 (ICS-CSR 2015) (ICS-CSR)

      Industrial Control System & SCADA Cyber Security Research (ICS-CSR)

      17 - 18 September 2015

      industrial control systems security, critical infrastructure protection, formal modeling, IDP

      Read this article at

      Bookmark
          There is no author summary for this article yet. Authors can add summaries to their articles on ScienceOpen to make them more accessible to a non-specialist audience.

          Abstract

          Industrial Control Systems (ICS) are used for monitoring and controlling critical infrastructures such as power stations, waste water treatment facilities, traffic lights, and many more. Lately, these systems have become a popular target for cyber attacks. Both during their design and while operational, security is often an afterthought, leaving them vulnerable to all sorts of attacks.Industrial Control Systems (ICS) are used for monitoring and controlling critical infrastructures such as power stations, waste water treatment facilities, traffic lights, and many more. Lately, these systems have become a popular target for cyber attacks. Both during their design and while operational, security is often an afterthought, leaving them vulnerable to all sorts of attacks.

          This paper presents a formal approach for analysing the security of Industrial Control Systems. A knowledge-based system, namely IDP, is used to analyse a model of the control system and extract system vulnerabilities. In this paper we present the input model of the methodology and the inferences and queries that allow the system to extract vulnerabilities. This methodology has been added to an existing framework where the user can model his system in the modeling language SysML. This SysML model then gets parsed into suitable IDP input. A fully working prototype has been developed and the approach has been validated on a real case study.

          Related collections

          Most cited references 12

          • Record: found
          • Abstract: not found
          • Conference Proceedings: not found

          Model-based Security Metrics Using ADversary VIew Security Evaluation (ADVISE)

            Bookmark
            • Record: found
            • Abstract: not found
            • Article: not found

            The Cyber Security Modeling Language: A Tool for Assessing the Vulnerability of Enterprise System Architectures

              Bookmark
              • Record: found
              • Abstract: not found
              • Conference Proceedings: not found

              Cauldron mission-centric cyber situational awareness with defense in depth

                Bookmark

                Author and article information

                Contributors
                Conference
                September 2015
                September 2015
                : 1-10
                Affiliations
                KU Leuven, MSEC, iMinds-DistriNet

                Department of Computer Science

                Gebroeders Desmetstraat 1, 9000 Ghent, Belgium
                KU Leuven

                Department of Computer Science

                Celestijnenlaan 200A, 3001 Heverlee, Belgium
                Article
                10.14236/ewic/ICS2015.1
                © Lemaire et al. Published by BCS Learning & Development Ltd. Proceedings of the 3 rd International Symposium for ICS & SCADA Cyber Security Research 2015

                This work is licensed under a Creative Commons Attribution 4.0 Unported License. To view a copy of this license, visit http://creativecommons.org/licenses/by/4.0/

                3rd International Symposium for ICS & SCADA Cyber Security Research 2015 (ICS-CSR 2015)
                ICS-CSR
                3
                Germany
                17 - 18 September 2015
                Electronic Workshops in Computing (eWiC)
                Industrial Control System & SCADA Cyber Security Research (ICS-CSR)
                Product
                Product Information: 1477-9358BCS Learning & Development
                Self URI (journal page): https://ewic.bcs.org/
                Categories
                Electronic Workshops in Computing

                Comments

                Comment on this article