745
views
0
recommends
+1 Recommend
1 collections
    4
    shares
       
      • Record: found
      • Abstract: found
      • Conference Proceedings: found
      Is Open Access

      Automated Asset Discovery in Industrial Control Systems - Exploring the Problem

      proceedings-article

      ,

      3rd International Symposium for ICS & SCADA Cyber Security Research 2015 (ICS-CSR 2015) (ICS-CSR)

      Industrial Control System & SCADA Cyber Security Research (ICS-CSR)

      17 - 18 September 2015

      SCADA, ICS, automated device discovery, passive, active, safety

      Bookmark

            Abstract

            Vulnerabilities within Industrial Control Systems (ICS) and Critical National Infrastructure (CNI) represent a significant safety, ecological and economical risk to owners, operators and nation states. Numerous examples from recent years are available to demonstrate that these vulnerabilities are being exploited by threat actors. One of the first steps required when securing legacy infrastructures is to obtain a complete asset (device) inventory, as is it impossible to protect a system without first understanding its content and connectivity. ICS environments offer significant challenges to the automated and safe discovery of network connected devices. Legacy ICS-based network services are often very fragile and networks are often sensitive to increased traffic, latency or interference, precluding the use of active scanning technologies. The decentralised nature of ICS traffic flows alongside the lack of capability of legacy network equipment make the use of standard passive scanning technologies difficult. This paper presents an overview and understanding of passive ICS discovery and provides the results of an experiment to show how existing passive scanning tools fare in an ICS environment in which port mirroring technologies are not ubiquitously supported.

            Content

            Author and article information

            Contributors
            Conference
            September 2015
            September 2015
            : 73-83
            Affiliations
            [0001]Airbus Group Innovations

            Quadrant House

            Celtic Springs

            Newport, NP10 8FZ

            UK
            Article
            10.14236/ewic/ICS2015.8
            c8c355b7-473c-4eb8-a012-9d62d72c7dfc
            © Wedgbury et al. Published by BCS Learning & Development Ltd. Proceedings of the 3 rd International Symposium for ICS & SCADA Cyber Security Research 2015

            This work is licensed under a Creative Commons Attribution 4.0 Unported License. To view a copy of this license, visit http://creativecommons.org/licenses/by/4.0/

            3rd International Symposium for ICS & SCADA Cyber Security Research 2015 (ICS-CSR 2015)
            ICS-CSR
            3
            Germany
            17 - 18 September 2015
            Electronic Workshops in Computing (eWiC)
            Industrial Control System & SCADA Cyber Security Research (ICS-CSR)
            Product
            Product Information: 1477-9358BCS Learning & Development
            Self URI (journal page): https://ewic.bcs.org/
            Categories
            Electronic Workshops in Computing

            References

            1. Tenable passive vulnerability scanner data sheet 2013 Sept Tenable Network Security White Paper

            2. Optimizing it technology refresh policies 2015 An approach to balancing capital spending, operating efficiency, and risk mitigation Archstone Consulting White Paper Available from http://www.archstoneconsulting. com/services/it-strategyopeations/white-papers/ optimizing-it-technology.jsp

            3. 2014 Mar Impact of the Shodan computer search engine on internet-facing industrial control system devices M.S. thesis, Air Force Institute of Technology Wrightpatterson AFB Oh Graduate School of Engineering and Management

            4. 2012 July #1 ICS and SCADA security myth: Protection by air gap Tofino Security White Paper

            5. 2013 Wireless communications for SCADA systems utilizing mobile nodes Int. J. Smart Home 7 5 1 8

            6. 2014 Jan NERC (CIP-002) identification of critical cyber assets

            7. 2013 Introduction to industrial control networks IEEE Commun. Surveys Tuts 15 2 860 880

            8. ICS-CERT 2014 Feb The ICS-CERT year in review 2013. USA Homeland Security ICS-CERT, Tech Rep

            9. 2009 Nov Management of the LHCB network based on SCADA system CERN The European Organization for Nuclear Research Technical Report

            10. 2013 Nov It asset management benefits & best practices SolarWinds Worldwide LLC White Paper

            11. 2014 Safety and security monitoring in ICS/SCADA systems Proceedings of the 2nd International Symposium for ICS & SCADA Cyber Security Research

            12. 2012 SCADA security in the light of cyber-warfare Comput. Secur 31 4 418 436

            13. 2003 Feb Network system and method for automatic discovery of topology using overhead bandwidth

            14. 2013 Dec Window of exposure a real problem for SCADA systems? recommendations for Europe on SCADA patching European Union Agency for Network and Information Security (ENISA), Tech Rep

            15. 2005 Assessment methods for SCADA security Proceedings of 15th Annual Joint ISA POWID/EPRI Controls and Instrumentation Conference

            16. 2006 Nov Using the Nessus vulnerability scanner on control systems Digital Bond White Paper

            17. 2012 Using cyber security assessment tools on industrial control systems Digital Bond White Paper

            18. 2012 Apr SCADA security and the data link layer Available from http://blog.cimation.com/ blog/scada-security-and-theosi-data-link-layer

            19. 2014 Dec Developing cyber forensics for SCADA industrial control systems Proceedings of the International Conference on Information Security and Cyber Forensics Universiti Sultan Zainal Abidin Kuala Terengganu, Malaysia

            20. 2010 On investigating ARP spoofing security solutions Internet Protocol Technology 5 1/2

            21. 2012 Dec 20 critical security controls control 1: Inventory of authorized and unauthorized devices

            22. 2014 Control systems/SCADA forensics, what’s the difference? Digital Investigation 11 3 160 174 Special Issue: Embedded Forensics

            23. 2006 Sept Identifying supervisory control and data acquisition (SCADA) systems on a network via remote reconnaissance M.S. thesis, Naval Postgraduate School Monterey, California

            24. 2014 June Distinguishing internet-facing ICS devices using PLC programming information M.S. Thesis, USA Air Force Institute of Technology

            25. 2013 Towards a SCADA forensics architecture Proceedings of the 1st International Symposium for ICS & SCADA Cyber Security Research

            26. 2002 Sept Classification of service discovery in pervasive computing environments Michigan State University

            Comments

            Comment on this article