Use of aggressor profiling in cyber security risk assessments for industrial control systems

The contemporary trend of increasing connectivity, interoperability and efficiency of technologies, which are used in organizations, also affected Industrial Control System (further only ICS). The recently isolated system is becoming more dependent on interconnection with external technologies. This leads to a formation of new vulnerabilities, which are significant threats to ICS. For this reason, it is necessary to devote considerable effort to analyze vulnerabilities. Neglecting of this area could lead to damage or unavailability of ICS services. The purpose of the article is to evaluate vulnerabilities related to individual elements of ICS. The fundamental question of the article is to find a true distribution of security risk related to ICS.

Download Full-text

Cyber Security challenges and Issues of Industrial Control Systems–Some Security Recommendations

2019 IEEE International Smart Cities Conference (ISC2) ◽

10.1109/isc246665.2019.9071701 ◽

2019 ◽

Author(s):

Omar EL Idrissi ◽

Abdellatif Mezrioui ◽

Abdelhamid Belmekki

Keyword(s):

Control Systems ◽

Cyber Security ◽

Industrial Control ◽

Industrial Control Systems ◽

Security Challenges

Download Full-text

Industrial control systems: The biggest cyber threat

Annals of Civil and Environmental Engineering ◽

10.29328/journal.acee.1001026 ◽

2020 ◽

Vol 4 (1) ◽

pp. 044-046

Author(s):

Beretas Christos P

Keyword(s):

Control Systems ◽

Cyber Security ◽

Security Policy ◽

Security Requirements ◽

Security Policies ◽

Western World ◽

Control Analysis ◽

Industrial Control ◽

Industrial Control Systems ◽

Cyber Threats

Industrial control systems (ICS) are critical, as in these systems, cyber threats have the potential to affect, disorganize, change their mode of operation, act as an information extraction vehicle, and ultimately turn against itself. Creating risks to the system itself, infrastructure, downtime, leakage of sensitive data, and even loss of human life. Industrial control systems (ICS) are vital to the operation of all the modern automated infrastructure in the western world, such as power plant and power stations. Industrial control systems (ICS) differ from the traditional information systems and infrastructures of organizations and companies, a standard cyber security strategy cannot be implemented but part of it adapting to the real facts and needs of each country, legislation and infrastructure. These systems require continuous operation, reliability and rapid recovery when attacked electronically with automated control, isolation and attack management processes. Incorrect settings and lack of strategic planning can lead to unprotected operation of critical installations, as they do not meet the cyber security requirements. Industrial control systems (ICS) require special protection in their networks, as they should be considered vulnerable in all their areas, they need protection from cyber attacks against ICS, SCADA servers, workstations, PLC automations, etc. Security policies to be implemented should provide protection against cyber threats, and systems recovery without affecting the operation and reliability of operating processes. Security policies such as security assessment, smart reporting, vulnerability and threat simulation, integrity control analysis, apply security policy to shared systems, intrusion detection and prevention, and finally firewall with integrated antivirus and sandbox services should be considered essential entities.

Download Full-text