407
views
0
recommends
+1 Recommend
1 collections
    8
    shares
       
      • Record: found
      • Abstract: found
      • Conference Proceedings: found
      Is Open Access

      Extracting Vulnerabilities in Industrial Control Systems using a Knowledge-Based System

      proceedings-article

      , , ,

      3rd International Symposium for ICS & SCADA Cyber Security Research 2015 (ICS-CSR 2015) (ICS-CSR)

      Industrial Control System & SCADA Cyber Security Research (ICS-CSR)

      17 - 18 September 2015

      industrial control systems security, critical infrastructure protection, formal modeling, IDP

      Bookmark

            Abstract

            Industrial Control Systems (ICS) are used for monitoring and controlling critical infrastructures such as power stations, waste water treatment facilities, traffic lights, and many more. Lately, these systems have become a popular target for cyber attacks. Both during their design and while operational, security is often an afterthought, leaving them vulnerable to all sorts of attacks.Industrial Control Systems (ICS) are used for monitoring and controlling critical infrastructures such as power stations, waste water treatment facilities, traffic lights, and many more. Lately, these systems have become a popular target for cyber attacks. Both during their design and while operational, security is often an afterthought, leaving them vulnerable to all sorts of attacks. This paper presents a formal approach for analysing the security of Industrial Control Systems. A knowledge-based system, namely IDP, is used to analyse a model of the control system and extract system vulnerabilities. In this paper we present the input model of the methodology and the inferences and queries that allow the system to extract vulnerabilities. This methodology has been added to an existing framework where the user can model his system in the modeling language SysML. This SysML model then gets parsed into suitable IDP input. A fully working prototype has been developed and the approach has been validated on a real case study.

            Content

            Author and article information

            Contributors
            Conference
            September 2015
            September 2015
            : 1-10
            Affiliations
            [0001]KU Leuven, MSEC, iMinds-DistriNet

            Department of Computer Science

            Gebroeders Desmetstraat 1, 9000 Ghent, Belgium
            [0002]KU Leuven

            Department of Computer Science

            Celestijnenlaan 200A, 3001 Heverlee, Belgium
            Article
            10.14236/ewic/ICS2015.1
            7f958e26-572e-45b0-a5c6-67f95847cb79
            © Lemaire et al. Published by BCS Learning & Development Ltd. Proceedings of the 3 rd International Symposium for ICS & SCADA Cyber Security Research 2015

            This work is licensed under a Creative Commons Attribution 4.0 Unported License. To view a copy of this license, visit http://creativecommons.org/licenses/by/4.0/

            3rd International Symposium for ICS & SCADA Cyber Security Research 2015 (ICS-CSR 2015)
            ICS-CSR
            3
            Germany
            17 - 18 September 2015
            Electronic Workshops in Computing (eWiC)
            Industrial Control System & SCADA Cyber Security Research (ICS-CSR)
            Product
            Product Information: 1477-9358BCS Learning & Development
            Self URI (journal page): https://ewic.bcs.org/
            Categories
            Electronic Workshops in Computing

            References

            1. 2008 Malicious control system cyber security attack case study– Maroochy water services Australia

            2. ANSI/ISA-62443-3-3 (99.03.03) 2013 Security for industrial automation and control systems part 3-3: System security requirements and security levels

            3. 2012 The IDP framework reference manual

            4. ENISA 2011 Protecting industrial control systems: Recommendations for Europe and member states

            5. , and 2011 W32.Stuxnet Dossier

            6. 2013 Implementing the ADVISE security modeling formalism in Möbius 2013 43rd Annual IEEE/IFIP International Conference on Dependable Systems and Networks (DSN) 1 8

            7. ISO/IEC 21827 2008 Information technology – security techniques – systems security engineering – capability maturity model (SSECMM) Geneva, Switzerland

            8. 2011 Cauldron mission-centric cyber situational awareness with defense in depth Military Communications Conference 2011-MILCOM 2011 1339 1344

            9. 2013 To kill a centrifuge: A technical analysis of what stuxnets creators tried to achieve

            10. 2014 A SysML extension for security analysis of industrial control systems Proceedings of the 2nd International Symposium for ICS & SCADA Cyber Security Research 1 9

            11. 2011 Model-based security metrics using adversary view security evaluation (ADVISE) 2011 Eighth International Conference on IEEE Quantitative Evaluation of Systems (QEST) 191 200

            12. 2011 Stuxnet under the microscope

            13. 2013 Security-aware, model-based systems engineering with SysML Proceedings of the 1st International Symposium for ICS & SCADA Cyber Security Research 78

            14. 2005 MulVAL: A logic-based network security analyzer In USENIX security

            15. 2002 Automatic synthesis of dynamic fault trees from UML system models In:ISSRE 2003 Proceedings 13th IEEE International Symposium on Software Reliability Engineering 243–254

            16. 2013 The cyber security modeling language: A tool for assessing the vulnerability of enterprise system architectures IEEE Syst. J 7 3 363 373

            17. 2010 A case study applying the cyber security modeling language

            18. 2015 Guide to industrial control systems (ICS) security

            19. , and 2008 Recommended practice for patch management of control systems

            20. 2008 The IDP system: A model expansion system for an extension of classical logic In: Proceedings of the 2nd Workshop on Logic and Search 153 165

            Comments

            Comment on this article