5 research outputs found

    SoK: Security of Programmable Logic Controllers

    Billions of people rely on essential utility and manufacturing infrastructures such as water treatment plants, energy management, and food production. Our dependence on reliable infrastructures makes them valuable targets for cyberattacks. One of the prime targets for adversaries attacking physical infrastructures are Programmable Logic Controllers (PLCs) because they connect the cyber and physical worlds. In this study, we conduct the first comprehensive systematization of knowledge that explores the security of PLCs: We present an in-depth analysis of PLC attacks and defenses and discover trends in the security of PLCs from the last 17 years of research. We introduce a novel threat taxonomy for PLCs and Industrial Control Systems (ICS). Finally, we identify and point out research gaps that, if left ignored, could lead to new catastrophic attacks against critical infrastructures.

    Comment: 25 pages, 13 figures. Extended version, February 2024. A shortened version is to be published in the 33rd USENIX Security Symposium; for more information, see https://efrenlopez.org

    Open source SCADA systems for small renewable power generation

    Low-cost monitoring and control is essential for small renewable power systems. While large renewable power systems can use existing commercial technology for monitoring and control, that is not cost-effective for small renewable generation. Such small assets require cost-effective, flexible, secure, and reliable real-time coordinated data monitoring and control systems. Supervisory control and data acquisition (SCADA) is the perfect technology for this task. The available commercial SCADA solutions are mostly pricey and economically unjustifiable for smaller applications. They also pose interoperability issues with the existing components, which are often from multiple vendors. Therefore, an open source SCADA system represents the most flexible and the most cost-effective SCADA solution. This thesis has been done in two phases. The first phase demonstrates the design and dynamic simulation of a small hybrid power system with a renewable power generation system as a case study. In the second phase, after an extensive study of the proven commercial SCADA solutions and some open source SCADA packages, three different secure, reliable, low-cost open source SCADA options are developed using the most recent SCADA architecture, the Internet of Things. The implemented prototypes of the three open source SCADA systems were tested extensively with a small renewable power system (a solar PV system). The results show that the developed open source SCADA systems perform optimally and accurately, and could serve as viable options for smaller applications such as renewable generation that cannot afford commercial SCADA solutions.

    Next-Generation Industrial Control System (ICS) Security: Towards ICS Honeypots for Defence-in-Depth Security

    The advent of Industry 4.0 and smart manufacturing has led to an increased convergence of traditional manufacturing and production technologies with IP communications. Legacy Industrial Control System (ICS) devices are now exposed to a wide range of previously unconsidered threats, which must be considered to ensure the safe operation of industrial processes, especially as cyberspace is presenting itself as a popular domain for nation-state operations, including against critical infrastructure. Honeypots are a well-known concept within traditional IT security, and they can enable a more proactive approach to security, unlike traditional systems. More work needs to be done to understand their usefulness within OT and critical infrastructure. This thesis advances beyond current honeypot implementations and furthers the current state-of-the-art by delivering novel ways of deploying ICS honeypots and delivering concrete answers to key research questions within the area. This is done by answering the question previously raised from a multitude of perspectives. We discuss relevant legislation, such as the UK Cyber Assessment Framework, the US NIST Framework for Improving Critical Infrastructure Cybersecurity, and associated industry-based standards and guidelines supporting operator compliance. Standards and guidance are used to frame a discussion on our survey of existing ICS honeypot implementations in the literature and their role in supporting regulatory objectives. However, these deployments are not always correctly configured and might differ from a real ICS. Based on these insights, we propose a novel framework towards the classification and implementation of ICS honeypots. This is underpinned by a study into the passive identification of ICS honeypots using Internet scanner data to identify honeypot characteristics.
We also present how honeypots can be leveraged to identify when bespoke ICS vulnerabilities are exploited within the organisational network—further strengthening the case for honeypot usage within critical infrastructure environments. Additionally, we demonstrate a fundamentally different approach to the deployment of honeypots: deploying them as a deterrent to reduce the likelihood that an adversary interacts with a real system. This is important as skilled attackers are now adept at fingerprinting and avoiding honeypots. The results presented in this thesis demonstrate that honeypots can provide several benefits to the cyber security of and alignment to regulations within the critical infrastructure environment.

    AN INVESTIGATION OF MUNICIPAL SOLID WASTE MANAGEMENT DURING THE ARBA’EEN PILGRIMAGE IN KERBALA, IRAQ

    Every year, religious events (REs) attended by millions of pilgrims take place in different holy cities around the world. However, research on municipal solid waste management (MSWM) is limited despite the reputation of REs to generate large amounts of municipal solid waste (MSW), which negatively influences the environment and human health when poorly managed. The Arba’een is one of the largest REs in Iraq and worldwide that attracts more than 11 million pilgrims annually. A large quantity of MSW is produced during this event, which is poorly managed and disposed of in a dumpsite without any treatment, due to the lack of research and data about MSW generated during such events. Thus, this research aims to address part of this gap and contribute to new knowledge on MSWM at REs by studying the MSWM system applied at the Arba’een, a subject that has never been considered before. This study adopts a mixed-methods research approach, employing composition analysis for MSW, questionnaire surveys and interviews with the stakeholders (hoteliers, camp owners, pilgrims and MSWM authorities) and on-site observations as key methods for generation of data. The MSWM system was assessed based on the opinion of the key stakeholders and the Wasteaware benchmark indicators framework. Numerical models were built to estimate the quantities of MSW produced by pilgrims’ accommodation (hotels and camps) based on the characteristics of the accommodation (capacity, area etc.). MSWM services users’ (hoteliers, camp owners and pilgrims) intention to participate in a recycling scheme and the variables that influence this intention were studied with a view to investigating the possibility of introducing a recycling scheme at REs. The results showed that REs account for 14% of the city’s MSW and its main components were organic (57.9%), paper (14.9%) and plastic (14.6%).
The MSWM system suffers from operational and governance weaknesses; the key weaknesses are lack of a controlled disposal facility, absence of a formal recycling scheme, deficit of key waste-related data, poor public involvement, inadequate planning, and funding limitations. Statistical analyses showed that average municipal solid waste generation (MSWG) from hotels and camps was 112 and 413 kg·day⁻¹, respectively. Hotels’ MSWG is influenced by their capacity, staff size and expenditure, while camps’ capacity, expenditure and food services affect their MSWG. MSWG from hotels and camps can be modelled with a coefficient of determination of about 0.80. In addition, more than 65% of MSWM system users are willing to participate in MSW recycling during REs and it is expected that about one third would perform recycling; this indicates that introducing MSW recycling during REs could be successful.