scholarly journals USBCaptchaIn: Preventing (un)conventional attacks from promiscuously used USB devices in industrial control systems1

2020 ◽  
pp. 1-26
Author(s):  
Federico Griscioli ◽  
Maurizio Pizzonia
Keyword(s):  
Control Systems ◽  
Industrial Control ◽  
Security Risks ◽  
Human Errors ◽  
Industrial Control Systems ◽  
High Profile ◽  
Advanced Persistent Threats ◽  
Informal Feedback ◽  
Main Component ◽  
Critical Machines

Industrial Control Systems (ICS) are sensible targets for high profile attackers and advanced persistent threats, which are known to exploit USB thumb drives as an effective spreading vector. In ICSes, thumb drives are widely used to transfer files among disconnected systems and represent a serious security risks, since, they may be promiscuously used in both critical and regular systems. The threats come both from malware hidden in files stored in the thumb drives and from BadUSB attacks. BadUSB leverages the modification of firmware of USB devices in order to mimic the behaviour of a keyboard and send malicious commands to the host. We present a solution that allows a promiscuous use of USB thumbs drives while protecting critical machines from malware, that spreads by regular file infection or by firmware infection. The main component of the architecture we propose is an hardware, called USBCaptchaIn, intended to be in the middle between critical machines and connected USB devices. We do not require users to change the way they use thumb drives. To avoid human-errors, we do not require users to take any decision. The proposed approach is highly compatible with already deployed products of a ICS environment and proactively blocks malware before they reach their targets. We describe our solution, provide a thorough analysis of the security of our approach in the ICS context, and report the informal feedback of some experts regarding our first prototypes.

Information Security Evaluation of the Key Equipment in Industrial Control Systems

2013 ◽  
Vol 336-338 ◽  
pp. 1640-1644
Author(s):  
Zhi Gang Zhang ◽  
Zhuo Lv ◽  
Shuang Xia Niu
Keyword(s):  
Control System ◽  
Information Security ◽  
Control Systems ◽  
Research Program ◽  
System Level ◽  
Security Evaluation ◽  
Industrial Control System ◽  
Industrial Control ◽  
Security Risks ◽  
Industrial Control Systems

This paper analyzes the information security risks faced by the industrial control systems, Propose the Information Security Evaluation on industrial control system based on the level protection assessment technology, The development of industrial control system from the device level , field-level and system-level three levels of information security evaluation, propose the next step in the research program.

scholarly journals A new safety and security risk analysis framework for industrial control systems

2018 ◽  
Vol 233 (2) ◽  
pp. 151-174
Author(s):  
Siwar Kriaa ◽  
Marc Bouissou ◽  
Youssef Laarouchi
Keyword(s):  
Risk Analysis ◽  
Control Systems ◽  
Information And Communication Technologies ◽  
Joint Modeling ◽  
Automatic Generation ◽  
Cyber Attacks ◽  
Security Risk ◽  
Industrial Control ◽  
Security Risks ◽  
Industrial Control Systems

The migration of modern industrial control systems toward information and communication technologies exposes them to cyber-attacks that can alter the way they function, thereby causing adverse consequences on the system and its environment. It has consequently become crucial to consider security risks in traditional safety risk analyses for industrial systems controlled by modern industrial control system. We propose in this article a new framework for safety and security joint risk analysis for industrial control systems. S-cube (for supervisory control and data acquisition safety and security joint modeling) is a new model-based approach that enables, thanks to a knowledge base, formal modeling of the physical and functional architecture of cyber-physical systems and automatic generation of a qualitative and quantitative analysis encompassing safety risks (accidental) and security risks (malicious). We first give the principle and rationale of S-cube and then we illustrate its inputs and outputs on a case study.

scholarly journals Demystifying Advanced Persistent Threats for Industrial Control Systems

2017 ◽  
Vol 139 (03) ◽  
pp. S13-S17 ◽  
Author(s):  
Anastasis Keliris ◽  
Michail Maniatakos
Keyword(s):  
Best Practices ◽  
Control Systems ◽  
Defense Mechanisms ◽  
Industrial Control ◽  
Industrial Control Systems ◽  
Advanced Persistent Threat ◽  
Continuous Type ◽  
Defensive Strategies ◽  
Advanced Persistent Threats ◽  
High Level

This article discusses a comprehensive methodology for designing an Advanced Persistent Threat (APT), which is a stealthy and continuous type of cyberattack with a high level of sophistication suitable for the complex environment of Industrial Control Systems (ICS). The article also explains defensive strategies that can assist in thwarting cyberattacks. The APT design process begins with Reconnaissance, which is continuously undertaken throughout the lifetime of a cyberattack campaign. With regard to securing the network infrastructure of an ICS, best practices for network security should be enforced. These could include the use of firewalls, Intrusion Detection or Prevention Systems (IDS/IPS), and network separation between corporate and field networks. A new field of research for securing ICS relates to process-aware defense mechanisms. These mechanisms analyze information directly from the field and try to detect anomalies specific to the physical characteristics of an ICS process.

Sign in / Sign up

Export Citation Format

Share Document