An Attack Execution Model for Industrial Control Systems Security Assessment
EDF R&D, 1 Avenue du Général de Gaulle, 92140 Clamart, France [email protected]
2 Télécom ParisTech, 46 rue Barrault, 75013 Paris, France {ismail.ziad,jean.leneutre}@telecom-paristech.fr
Abstract. The improved communication and remote control capabilities of industrial control systems equipment have increased their attack surface. As a result, managing the security risk became a challenging task. The consequences of attacks in an industrial control system can go beyond targeted equipment to impact services in the industrial process. In addition, the success likelihood of an attack is highly correlated to the attacker profile and his knowledge of the architecture of the system. In this paper, we present the Attack Execution Model (AEM), which is an attack graph representing the evolution of the adversary’s state in the system after each attack step. We are interested in assessing the risk of cyber attacks on an industrial control system before the next maintenance period. Given a specific attacker profile, we generate all potential attacker actions that could be executed in the system. Our tool outputs the probability and the time needed to compromise a target equipment or services in the system.
Keywords: Industrial control systems security · SCADA security · Attack graph
1 Introduction
In industrial control systems (ICSs), unpatched vulnerabilities continue to pose a serious threat to the security and safety of these systems. In 2014, most incidents reported by ICS-CERT targeted the energy sector [1]. The impact of cyber attacks on industrial control systems exceeds, in scope, severity and damage, that of their counterparts in traditional IT systems. The introduction of new communication mediums between the system operator and industrial equipment and the use of off-the-shelf operating systems have increased the attack surface of these systems. The notion that control networks of industrial systems are “air gapped” (isolated from unsecured networks such as the internet) no longer holds [2], and the increased number of cyber attacks targeting these systems is a clear indication of this. In order to assess the potential impact of a cyber attack, utilities need to identify all possible actions that can be undertaken by an adversary to compromise critical equipment and services in the control system.
© Springer International Publishing Switzerland 2016. A. Bécue et al. (Eds.): CyberICS 2015/WOS-CPS 2015, LNCS 9588, pp. 157–167, 2016. DOI: 10.1007/978-3-319-40385-4_11
Z. Ismail et al.
Our main objective is to assess the risk of cyber attacks on industrial control systems before the next maintenance period. The asset owner has to quantify the risk unpatched vulnerabilities pose to the system. A good assessment of the probability of successfully exploiting vulnerabilities in industrial control systems should take into account attackers’ profiles that include their skills, access levels on machines, and their knowledge of the topology of the control system. In order to identify the critical vulnerabilities, w