A Continuous Risk Management Approach for Cyber-Security in Industrial Control Systems

In industrial networks, a cyber-incident can have, as a consequence, the interference with physical processes, which can potentially cause damages to property, to humans’ health and safety, and to the environment. Currently most safeguards built into Industrial Control Systems provide mitigations against accidents and faults but are not necessarily effective against malicious acts. Moreover, even if cyber-threats can be contained, significant costs will be incurred whenever operations have to shut down in response to a cyber-attack. As there are important gaps in Industrial Control Systems, they have increasingly been targeted over the past decade, creating concern among the cyber-security and the process control engineering communities. Operators may be reluctant or unable to implement standard cyber-security controls in this type of systems because they might interfere with time-sensitive control loops, interrupt continuous operation or potentially compromise safety. This situation calls for a more proactive approach to monitor cyber-risks since many of them cannot be totally eliminated or properly controlled by preventative measures. Traditional risk management approaches do not address this, since they are not conceived to work at the same speed that changes can occur in cyber-security operations. This thesis aims to facilitate the adoption of Continuous Risk Management in industrial networks by proposing a risk assessment methodology focused mainly on the aspect of risk likelihood updates. The approach proposed is based on a Continuous Risk Assessment Methodology, which is derived from a typical Risk Management process and modified to work in a continuous basis. The methodology consists of workflows and a description of each process involved, including its inputs and outputs. Additionally, a number of resources to support the implementation of the methodology on industrial environments were developed. These resources consist of the introduction and categorisation of the concept of “Indicator of Risk” (IoR), a knowledge base, containing a set of different categories of IoRs, named as the “IoR Library” and the implementation of this knowledge base on a Bayesian Network template. Finally, behavioural anomaly detection using sensors data is demonstrated to illustrate the use of IoRs based on data from physical processes as a resource to detect possible cyber-risks. These resources provided concrete means to address issues in industrial cyber-security risk management such as the availability and quality of information, the complexity of defining rules and identifying normal and abnormal states, the limited scope of academic work, and the lack of integration between risk management and cyber-security operations

Assessing database and network threats in traditional and cloud computing

Cloud Computing is currently one of the most widely-spoken terms in IT. While it offers a range of technological and financial benefits, its wide acceptance by organizations is not yet wide spread. Security concerns are a main reason for this and this paper studies the data and network threats posed in both traditional and cloud paradigms in an effort to assert in which areas cloud computing addresses security issues and where it does introduce new ones. This evaluation is based on Microsoft’s STRIDE threat model and discusses the stakeholders, the impact and recommendations for tackling each threat

Multi-Layer Cyber-Physical Security and Resilience for Smart Grid

The smart grid is a large-scale complex system that integrates communication technologies with the physical layer operation of the energy systems. Security and resilience mechanisms by design are important to provide guarantee operations for the system. This chapter provides a layered perspective of the smart grid security and discusses game and decision theory as a tool to model the interactions among system components and the interaction between attackers and the system. We discuss game-theoretic applications and challenges in the design of cross-layer robust and resilient controller, secure network routing protocol at the data communication and networking layers, and the challenges of the information security at the management layer of the grid. The chapter will discuss the future directions of using game-theoretic tools in addressing multi-layer security issues in the smart grid.Comment: 16 page

The future of Cybersecurity in Italy: Strategic focus area

This volume has been created as a continuation of the previous one, with the aim of outlining a set of focus areas and actions that the Italian Nation research community considers essential. The book touches many aspects of cyber security, ranging from the definition of the infrastructure and controls needed to organize cyberdefence to the actions and technologies to be developed to be better protected, from the identification of the main technologies to be defended to the proposal of a set of horizontal actions for training, awareness raising, and risk management

Applying Lessons from Cyber Attacks on Ukrainian Infrastructures to Secure Gateways onto the Industrial Internet of Things

Previous generations of safety-related industrial control systems were ‘air gapped’. In other words, process control components including Programmable Logic Controllers (PLCs) and smart sensor/actuators were disconnected and isolated from local or wide area networks. This provided a degree of protection; attackers needed physical access to compromise control systems components. Over time this ‘air gap’ has gradually been eroded. Switches and gateways have subsequently interfaced industrial protocols, including Profibus and Modbus, so that data can be drawn from safety-related Operational Technology into enterprise information systems using TCP/IP. Senior management uses these links to monitor production processes and inform strategic planning. The Industrial Internet of Things represents another step in this evolution – enabling the coordination of physically distributed resources from a centralized location. The growing range and sophistication of these interconnections create additional security concerns for the operation and management of safety-critical systems. This paper uses lessons learned from recent attacks on Ukrainian critical infrastructures to guide a forensic analysis of an IIoT switch. The intention is to identify and mitigate vulnerabilities that would enable similar attacks to be replicated across Europe and North America

Assessing and augmenting SCADA cyber security: a survey of techniques

SCADA systems monitor and control critical infrastructures of national importance such as power generation and distribution, water supply, transportation networks, and manufacturing facilities. The pervasiveness, miniaturisations and declining costs of internet connectivity have transformed these systems from strictly isolated to highly interconnected networks. The connectivity provides immense benefits such as reliability, scalability and remote connectivity, but at the same time exposes an otherwise isolated and secure system, to global cyber security threats. This inevitable transformation to highly connected systems thus necessitates effective security safeguards to be in place as any compromise or downtime of SCADA systems can have severe economic, safety and security ramifications. One way to ensure vital asset protection is to adopt a viewpoint similar to an attacker to determine weaknesses and loopholes in defences. Such mind sets help to identify and fix potential breaches before their exploitation. This paper surveys tools and techniques to uncover SCADA system vulnerabilities. A comprehensive review of the selected approaches is provided along with their applicability

The THREAT-ARREST Cyber-Security Training Platform

Cyber security is always a main concern for critical infrastructures and nation-wide safety and sustainability. Thus, advanced cyber ranges and security training is becoming imperative for the involved organizations. This paper presets a cyber security training platform, called THREAT-ARREST. The various platform modules can analyze an organization’s system, identify the most critical threats, and tailor a training program to its personnel needs. Then, different training programmes are created based on the trainee types (i.e. administrator, simple operator, etc.), providing several teaching procedures and accomplishing diverse learning goals. One of the main novelties of THREAT-ARREST is the modelling of these programmes along with the runtime monitoring, management, and evaluation operations. The platform is generic. Nevertheless, its applicability in a smart energy case study is detailed