302
views
0
recommends
+1 Recommend
1 collections
    0
    shares
       
      • Record: found
      • Abstract: found
      • Conference Proceedings: found
      Is Open Access

      Securing Industrial Control Systems through Autonomous Hardening

      proceedings-article

      , , ,

      2nd International Symposium for ICS & SCADA Cyber Security Research 2014 (ICS-CSR 2014) (ICSCSR)

      ICS & SCADA Cyber Security Research 2014 (ICS-CSR 2014)

      11-12 September 2014

      cyber security, security hardening, security automation

      Bookmark

            Abstract

            The secure and reliable operation of industrial control systems is becoming more and more challenging due to the increasing size, complexity, and heterogeneity of such systems. A constant change of requirements and responsibilities results in an increased frequency of configuration and topological changes, which renders a manual verification of system security infeasible. Thus, there is a need for automatic mechanisms that allows a system to uphold a desired level of security autonomously. In this paper, we present a framework that enables a system to harden itself periodically, i.e., the framework ensures that each device complies to a security baseline tailored to the device’s functionality and capability. The evaluation of our implementation shows that the framework effectively and efficiently corrects any deviations from the desired state at each networked device and thereby guarantees that the overall system remains compliant to pre-defined security policies. Moreover, the scalability tests conducted in a cloud infrastructure indicate that the framework is suitable for fairly large networks, with hundreds of individual devices, which makes it suitable for a wide range of practical control systems.

            Content

            Author and article information

            Contributors
            Conference
            September 2014
            September 2014
            : 15-24
            Affiliations
            [0001]ABB Corporate Research
            Article
            10.14236/ewic/ICSCSR2014.3
            abe2705d-8bdd-4cc2-a564-9ef775cf9e43
            © Robin Chapas et al. Published by BCS Learning and Development Ltd. 2nd International Symposium for ICS & SCADA Cyber Security Research 2014 (ICS-CSR 2014), St Pölten, Austria

            This work is licensed under a Creative Commons Attribution 4.0 Unported License. To view a copy of this license, visit http://creativecommons.org/licenses/by/4.0/

            2nd International Symposium for ICS & SCADA Cyber Security Research 2014 (ICS-CSR 2014)
            ICSCSR
            2
            St Pölten, Austria
            11-12 September 2014
            Electronic Workshops in Computing (eWiC)
            ICS & SCADA Cyber Security Research 2014 (ICS-CSR 2014)
            Product
            Product Information: 1477-9358BCS Learning & Development
            Self URI (journal page): https://ewic.bcs.org/
            Categories
            Electronic Workshops in Computing

            Comments

            Comment on this article