+1 Recommend
1 collections
      • Record: found
      • Abstract: found
      • Conference Proceedings: found
      Is Open Access

      Towards a Distributed Runtime Monitor for ICS/SCADA Systems


      , , ,

      4th International Symposium for ICS & SCADA Cyber Security Research 2016 (ICS-CSR)

      Cyber Security Research

      23 - 25 August 2016

      SCADA, ICS, cyber, security, idstributed, run-time, monitoring



            IndustrialControl Systems (ICS) and SCADA (SupervisoryControl and Data Acquisition) systems are typically used in industries such as electricity generation and supply, gas supply, logistics, manufacturing and hospitals and are considered critical national infrastructure. The evolution of these systems from isolated environments into internet connected ones, in combination with their long service life and real-time nature have raised severe security concerns in the event of a cyber-attack. In this paper, we review the current literature surrounding the threats, vulnerabilities, exploits and existing approaches to securing vulnerable SCADA systems. We then focus specifically on the development of a distributed online runtime monitor to detect violations of safety properties.We conclude with suggestions for further research needed to progress the state of the art in the area of distributed online runtime verification of SCADA systems.


            Author and article information

            August 2016
            August 2016
            : 132-141
            [0001]Department of Computer Science

            University of Leicester

            Leicester, UK
            [0002]Airbus Group Innovations

            Newport, UK
            [0003]Software Technology Research Laboratory

            De Montfort University

            Leicester, UK
            © Wain et al. Published by BCS Learning & Development Ltd. Proceedings of the 4th International Symposium for ICS & SCADA Cyber Security Research 2016

            This work is licensed under a Creative Commons Attribution 4.0 Unported License. To view a copy of this license, visit http://creativecommons.org/licenses/by/4.0/

            4th International Symposium for ICS & SCADA Cyber Security Research 2016
            Queen’s Belfast University, UK
            23 - 25 August 2016
            Electronic Workshops in Computing (eWiC)
            Cyber Security Research
            Product Information: 1477-9358BCS Learning & Development
            Self URI (journal page): https://ewic.bcs.org/
            Electronic Workshops in Computing


            1. 2009 Component-oriented architecture for SCADA system Industrial Informatics,2009. INDIN 2009. 7th IEEE International Conference on 422 427

            2. et al 2005 Cryptographic protection of SCADA communications part 1: Background, policies and test plan Technical Report AGA Report

            3. 2012 A first look into SCADA network traffic Network Operations and Management Symposium (NOMS), 2012 IEEE 518 521

            4. et al 2002 Key management for SCADA. Cryptog. Information Sys. Security Dept., Sandia Nat. Labs, Tech. Rep. SAND2001-3252 ext-link-type="uri" xlink: href="http://www.smartgridinformation.info/pdf/">http://www.smartgridinformation.info/pdf/4646_doc_1.pdf

            5. et al 2015 Tytan: Tiny trust anchor for tiny devices 52ndACM/EDAC/IEEE Design Automation Conference (DAC) 1 6

            6. 2008 Research challenges for the security of control systems HotSec ext-link-type="uri" xlink: href="https://www.usenix.org/legacy/events/hotsec08/">https://www.usenix.org/legacy/events/hotsec08/tech/full_papers/cardenas/cardenas_html/ hotsecHTML.html

            7. 2009 Interval temporal logic ext-link-type="uri" xlink: href="http://www.antonio-cau.co.uk/ITL/">http://www.antonio-cau.co.uk/ITL/

            8. 2009 Advanced key-management architecture for secure SCADA communications IEEE Transactions on Power Delivery 24 3 1154 1163

            9. et al 2006 SKMA: A key management architecture for SCADA systems Proceedings of the 2006 Australasian Workshops on Grid Computing and e-Research - Volume 54’, ACSW Frontiers ’06 Australian Computer Society, Inc Darlinghurst, Australia, Australia 183 192 ext-link-type="uri" xlink: href="http://dl.acm.org/citation.cfm?id=1151828">http://dl.acm.org/citation.cfm?id=1151828 1151850

            10. 2015 An agent based monitoring architecture for plug and produce based manufacturing systems Industrial Informatics (INDIN), 2015 IEEE 13th International Conference on 1318 1323

            11. E-ISAC 2016 Analysis of the cyber attack on the ukrainian power grid Electricity Information Sharing and Analysis Center, Tech. Rep

            12. 2004 A fault tolerant control and sensor network with predictable real time qos AFRICON,2004. 7th AFRICON Conference in Africa 2 1229 1234

            13. 2011 W32. stuxnet dossier White Paper, Symantec Corp., Security Response 5

            14. 2012 Critical state-based filtering system for securing SCADA network protocols IEEE Transactions on Industrial Electronics 59 10 3943 3950

            15. 2014 Isolating trust in an industrial control system-on-chip architecture Resilient ControlSystems (ISRCS),2014 7th International Symposium on 1 6

            16. 2009 The viking project: An initiative on resilient control of power networks Resilient Control Systems,2009. ISRCS ’09. 2nd International Symposium on 31 35

            17. 2014 WCET-aware partial control-flow checking for resource-constrained real-time embedded systems IEEE Transactions on Industrial Electronics 61 10 5652 5661

            18. 2014 Through the eye of the PLC: Semantic security monitoring for industrial processes Proceedings of the 30th Annual Computer Security Applications Conference ACSAC ’14, ACM, New York, NY, USA 126 135 ext-link-type="uri" xlink: href="http://doi.acm.org/10.1145/2664243.2664277">http://doi.acm.org/10.1145/2664243.2664277

            19. 1988 Programming in temporal logic PhD thesis, University of Cambridge

            20. 2015 Runtime-monitoring for industrial control systems Electronics 4 4 995 ext-link-type="uri" xlink: href="http://www.mdpi.com/2079-9292/4/4/995">http://www.mdpi.com/2079-9292/4/4/995

            21. 2004 SCADA protocols and communication trends ISA2004

            22. 2014 Development of an attack-resistant and secure SCADA system using WSN, MANET, and Internet International Journal of Advanced Computer Research 4 2 627

            23. 2008 An efficient key management scheme for secure SCADA communication Proceedings of world academy of science, engineering and technology 35 Citeseer

            24. 2009 A brief account of runtime verification The Journal of Logic and Algebraic Programming 78 5 293 303

            25. 2011 Runtime verification in distributed computing Journal of Convergence 2 1 1 10

            26. 2015 A non-intrusive solution to guarantee runtime behavior of open SCADA systems 2015 IEEE International Conference on Web Services (ICWS) 739 742

            27. 1997 IOLUS: A framework for scalable secure multicasting SIGCOMM Comput. Commun. Rev. 27 4 277 288 ext-link-type="uri" xlink: href="http://doi.acm.org/10.1145/263109.263179">http://doi.acm.org/10.1145/263109.263179

            28. 2010 A retrofit network transaction data logger and intrusion detection system for transmission and distribution substations Power and Energy (PECon), 2010 IEEE International Conference on 958 963

            29. 1984 Executing temporal logic programs Seminar on concurrency Springer 111 130

            30. 2012 Monitoring arbitrary activation patterns in real-time systems RealTime Systems Symposium (RTSS), 2012 IEEE 33rd 293 302

            31. 2012 SCADA security in the light of cyber-warfare Computers & Security 31 4 418 436 ext-link-type="uri" xlink: href="http://www.sciencedirect.com/science/article/pii/">http://www.sciencedirect.com/science/article/pii/S0167404812000429

            32. 2009 Cryptographic key management for SCADA system: An architectural framework Advances in Computing, Control, Telecommunication Technologies,2009. ACT ’09. International Conference on 169 174

            33. 2011 Runtime verification for ultra-critical systems Runtime Verification Springer 310 324

            34. 2008 Cryptographic key management for SCADA systems-issues and perspectives. In: Information Security and Assurance, 2008. ISA 2008. International Conference on 156 161

            35. 2007 A decision support system with distributed agents for large-scale process control Control Automation,2007. MED ’07. Mediterranean Conference on 1 6

            36. 2015 Secured communication among HMI and controller using RC-4 algorithm and raspberry pi TELKOMNIKA Indonesian Journal of Electrical Engineering 15 3 526 532

            37. 2004 Efficient decentralized monitoring of safety in distributed systems Software Engineering, 2004. ICSE 2004. Proceedings. 26th International Conference on 418 427

            38. 2008 YASIR: A low-latency, high-integrity security retrofit for legacy SCADA systems Proceedings of The IFIP TC 11 23rd International Information Security Conference Springer 445 459

            39. 2014 Techniques for detecting attacks on critical infrastructure Computing, Networking and Communications (ICNC), 2014 International Conference on 48 52

            40. 2012 Network-aware mitigation of data integrity attacks on power system state estimation IEEE Journal on Selected Areas in Communications 30 6 1108 1118

            41. 2008 A runtime verification monitoring approach for embedded industrial controllers Industrial Electronics,2008. ISIE 2008. IEEE International Symposium on 2016 2021

            42. 2004 Low-latency cryptographic protection for SCADA communications Applied Cryptography and Network Security Springer 263 277


            Comment on this article