Review of the Types of Strategies to Improve Security of Industrial Control Systems and Critical Infrastructure
Document Type : Original Article
Abstract
Nowadays, economic and political development of a society depends on the performance of critical infrastructure such as energy, water, ICT, banking, research and education, transportation, health and treatment, etc. Control and monitoring of critical infrastructure and industrial systems are performed by intelligent network control systems. Major threats to critical infrastructure and industrial control systems are targeted attacks such as cyber ones in which the attacker tailors its strategy for industrial control systems. In order to achieve a secure community, development of protected infrastructure, securing the critical information, and construction of intrinsically secure control systems are absolutely essential. There are a vast number of solutions to security of industrial control systems. The aim of this paper is to classify the solutions into two categories, namely basic strategies and structural strategies. Moreover, some of the common pitfalls and mistakes in the employment of security solutions are addressed.
G. Manimaran, A. Hann, and P. Sauer, “Cyber-physical systems security for smart grid,” Future Grid Initiative White Paper, Power systems engineering research center publication (PSERC), 2012.##
A. Afshar, A. Termehchy, A. Golshan, A. Aghaeeyan, and H. Shahriyari, “Survey on Cyber Security of Industrial Control Systems,” Journal of Control, vol. 8, no. 1, Spring 2014. (in Persion)##
http://searchsecurity.techtarget.com/definition/defense-in-depth, accessed on 07/07/2018.##
P. Wade, P. Malkewicz, and J. Novak, “Industrial Cyber Security: From the Perspective of the Power Sector,” Presented at DEFCON 18, Riviera Hotel, Las Vegas NV, July 29th-August 1st 2010.##
U.S. Department of Homeland Security (DHS), “Recommended Practice: Improving Industrial Control Systems Cybersecurity with Defense-In-Depth Strategies,” Control Systems Security Program (CSSP), US-CERT Defense in Depth, October 2009.##
ISA, “ANSI/ISA–62443-1-1 (99.01.01) Security for Industrial Automation and Control Systems Part 1: Terminology, Concepts, and Models,” 2007.##
A. Afshar, A. Termehchy, A. Golshan, A. Aghaeeyan, S. Soleimani, and H. Shahriyari, “Comprehensive Conceptual Model of Control System's Vulnerabilities,” journal of Passive Defence, vol. 24, no. 6, pp. 23-32, winter 2015. (in Persion)##
ISA, “ANSI/ISA-62443-1-1, (ANSI/ISA-99.00.01-2007) Security for Industrial Automation and Control Systems Terminology, Concepts and models,” 2007.##
Stouffer, Keith, Joe Falco, and Karen Scarfone, “Guide to Industrial Control Systems (ICS) Security,” NIST special publication 800.82, 2011.##
http://isa99.isa.org, ISA99: Developing the Vital ISA/IEC 62443 Series of Standards on Industrial Automation and Control Systems (IACS) Security, accessed on 07/07/2018.##
U.S. Department of Homeland Security (DHS), “Chemical Facility Anti-Terrorism Standards (CFATS),” 2006.##
IEC, TR, “62210: Power system control and associated communications–Data and communication security,” International Electrotechnical Commission, 2003.##
PA Consulting Group, “NISCC: Good Practice Guide: Process Control and SCADA Security,” October 2005.##
American Chemistry Council’s Chemical Information Technology Council (ChemITC) ™, “Chemical Sector Cyber Security Program; Guidance for Addressing Cyber Security in the Chemical Industry,” Version 3.0, 2006.##
http://www.nerc.com/pa/Stand/Pages/CIPStandards.aspx, accessed on 07/07/2018.##
U.S. Nuclear Regulatory Commission, “Cyber security programs for nuclear facilities,” Regulatory Guide 5.71, 2010.##
http://www.bomara.com/G arrett/wp_nerc_cip_compliance.html, accessed on 07/07/2018.##
http://embedded.communit ies.intel.com, accessed on 07/07/2018.##
F. Igor Nai, A. Carcano, M. Masera, and A. Trombetta, “Design and implementation of a secure modbus protocol,” Critical Infrastructure Protection III, Springer Berlin Heidelberg, pp. 83-96, 2009.##
I. Eusgeld, F. Freiling, and R. H. Reussner, “Dependability Metrics: GI-Dagstuhl Research Seminar; Dagstuhl Castle, Germany; October 5-November 1, 2005,” Advanced Lectures, vol. 4909, Springer 2008.##
IEEE Standards Association; WGC6; P1711 - Standard for a Cryptographic Protocol for Cyber Security of Substation Serial Links.##
Department of Homeland Security, “Control Systems Communications Encryption Primer,” U.S. Department of Homeland Security (DHS), 2009.##
P. Tsang Patrick and W. S. Sean, “YASIR: A low-latency, high-integrity security retrofit for legacy SCADA systems,” In Proceedings of The Ifip Tc 11 23rd International Information Security Conference, Springer US, pp. 445-459, 2008.##
C. Rasika, C. Hauser, and D. E. Bakken, “Long-lived authentication protocols for process control systems,” International Journal of Critical Infrastructure Protection, vol. 3, no. 3, pp. 174-181, 2010.##
A. Saurabh, “On cyber security for networked control systems,” Ph.D. Thesis, University of California, Berkeley, 2011.##
D. Wei. and K. Ji, “Resilient industrial control system (RICS): Concepts, formulation, metrics, and insights,” IEEE 3rd International Symposium on Resilient Control Systems (ISRCS), 2010.##
C. G. Rieger, D. I. Gertman, and Miles A. McQueen, “Resilient control systems: next generation design research,” IEEE 2nd Conference on Human System Interactions, 2009.##
R. Arghandeh, Alexandra. Von Meier, L. Mehrmanesh, and Lamine Mili, “On the definition of cyber-physical resilience in power systems,” Renewable and Sustainable Energy Reviews 58, pp. 1060-1069, 2016.##
https://www.tofinosecurity.com/products/tofino-security-appliance, accessed on 07/07/2018.##
http://www.siemens.com/entry/cc/en/, accessed on 07/07/2018.##
Termehchy, Atefeh, “Control of cyber attacks damages to critical infrastructure,” M.Sc. Thesis, Amirkabir University of Technology, Iran, 2013.(in Persion)##
D. Knapp Eric and J. T. Langill, “Industrial network security: securing critical infrastructure networks for Smart Grid, SCADA, and other industrial control systems,” Syngress, 2014.##
(2018). Review of the Types of Strategies to Improve Security of Industrial Control Systems and Critical Infrastructure. Passive Defense, 9(2), 1-9.
MLA
. "Review of the Types of Strategies to Improve Security of Industrial Control Systems and Critical Infrastructure", Passive Defense, 9, 2, 2018, 1-9.
HARVARD
(2018). 'Review of the Types of Strategies to Improve Security of Industrial Control Systems and Critical Infrastructure', Passive Defense, 9(2), pp. 1-9.
VANCOUVER
Review of the Types of Strategies to Improve Security of Industrial Control Systems and Critical Infrastructure. Passive Defense, 2018; 9(2): 1-9.