A Survey on Industrial Control System Testbeds and Datasets for Security Research

The increasing digitization and interconnection of legacy Industrial Control Systems (ICSs) open new vulnerability surfaces, exposing such systems to malicious attackers. Furthermore, since ICSs are often employed in critical infrastructures (e.g., nuclear plants) and manufacturing companies (e.g., chemical industries), attacks can lead to devastating physical damages. In dealing with this security requirement, the research community focuses on developing new security mechanisms such as Intrusion Detection Systems (IDSs), facilitated by leveraging modern machine learning techniques. However, these algorithms require a testing platform and a considerable amount of data to be trained and tested accurately. To satisfy this prerequisite, Academia, Industry, and Government are increasingly proposing testbed (i.e., scaled-down versions of ICSs or simulations) to test the performances of the IDSs. Furthermore, to enable researchers to cross-validate security systems (e.g., security-by-design concepts or anomaly detectors), several datasets have been collected from testbeds and shared with the community. In this paper, we provide a deep and comprehensive overview of ICSs, presenting the architecture design, the employed devices, and the security protocols implemented. We then collect, compare, and describe testbeds and datasets in the literature, highlighting key challenges and design guidelines to keep in mind in the design phases. Furthermore, we enrich our work by reporting the best performing IDS algorithms tested on every dataset to create a baseline in state of the art for this field. Finally, driven by knowledge accumulated during this survey's development, we report advice and good practices on the development, the choice, and the utilization of testbeds, datasets, and IDSs

Cyber Security and Critical Infrastructures 2nd Volume

The second volume of the book contains the manuscripts that were accepted for publication in the MDPI Special Topic "Cyber Security and Critical Infrastructure" after a rigorous peer-review process. Authors from academia, government and industry contributed their innovative solutions, consistent with the interdisciplinary nature of cybersecurity. The book contains 16 articles, including an editorial that explains the current challenges, innovative solutions and real-world experiences that include critical infrastructure and 15 original papers that present state-of-the-art innovative solutions to attacks on critical systems

Securing industrial control system environments: the missing piece

Cyberattacks on industrial control systems (ICSs) are no longer matters of anticipation. These systems are continually subject to malicious attacks without much resistance. Network breaches, data theft, denial of service, and command and control functions are examples of common attacks on ICSs. Despite available security solutions, safety, security, resilience, and performance require both private public sectors to step-up strategies to address increasing security concerns on ICSs. This paper reviews the ICS security risk landscape, including current security solution strategies in order to determine the gaps and limitations for effective mitigation. Notable issues point to a greater emphasis on technology security while discounting people and processes attributes. This is clearly incongruent with; emerging security risk trends, the biased security strategy of focusing more on supervisory control and data acquisition systems, and the emergence of more sector-specific solutions as against generic security solutions. Better solutions need to include approaches that follow similar patterns as the problem trend. These include security measures that are evolutionary by design in response to security risk dynamics. Solutions that recognize and include; people, process and technology security enhancement into asingle system, and addressing all three-entity vulnerabilities can provide a better solution for ICS environments

CYBER SECURITY IN INDUSTRIAL CONTROL SYSTEMS (ICS): A SURVEY OF ROWHAMMER VULNERABILITY

Increasing dependence on Information and Communication Technologies (ICT) and especially on the Internet in Industrial Control Systems (ICS) has made these systems the primary target of cyber-attacks. As ICS are extensively used in Critical Infrastructures (CI), this makes CI more vulnerable to cyber-attacks and their protection becomes an important issue. On the other hand, cyberattacks can exploit not only software but also physics; that is, they can target the fundamental physical aspects of computation. The newly discovered RowHammer (RH) fault injection attack is a serious vulnerability targeting hardware on reliability and security of DRAM (Dynamic Random Access Memory). Studies on this vulnerability issue raise serious security concerns.  The purpose of this study was to overview the RH phenomenon in DRAMs and its possible security risks on ICSs and to discuss a few possible realistic RH attack scenarios for ICSs. The results of the study revealed that RH is a serious security threat to any computer-based system having DRAMs, and this also applies to ICS

Improving cyber security in industrial control system environment.

Integrating industrial control system (ICS) with information technology (IT) and internet technologies has made industrial control system environments (ICSEs) more vulnerable to cyber-attacks. Increased connectivity has brought about increased security threats, vulnerabilities, and risks in both technology and people (human) constituents of the ICSE. Regardless of existing security solutions which are chiefly tailored towards technical dimensions, cyber-attacks on ICSEs continue to increase with a proportionate level of consequences and impacts. These consequences include system failures or breakdowns, likewise affecting the operations of dependent systems. Impacts often include; marring physical safety, triggering loss of lives, causing huge economic damages, and thwarting the vital missions of productions and businesses. This thesis addresses uncharted solution paths to the above challenges by investigating both technical and human-factor security evaluations to improve cyber security in the ICSE. An ICS testbed, scenario-based, and expert opinion approaches are used to demonstrate and validate cyber-attack feasibility scenarios. To improve security of ICSs, the research provides: (i) an adaptive operational security metrics generation (OSMG) framework for generating suitable security metrics for security evaluations in ICSEs, and a list of good security metrics methodology characteristics (scope-definitive, objective-oriented, reliable, simple, adaptable, and repeatable), (ii) a technical multi-attribute vulnerability (and impact) assessment (MAVCA) methodology that considers and combines dynamic metrics (temporal and environmental) attributes of vulnerabilities with the functional dependency relationship attributes of the vulnerability host components, to achieve a better representation of exploitation impacts on ICSE networks, (iii) a quantitative human-factor security (capability and vulnerability) evaluation model based on human-agent security knowledge and skills, used to identify the most vulnerable human elements, identify the least security aspects of the general workforce, and prioritise security enhancement efforts, and (iv) security risk reduction through critical impact point assessment (S2R-CIPA) process model that demonstrates the combination of technical and human-factor security evaluations to mitigate risks and achieve ICSE-wide security enhancements. The approaches or models of cyber-attack feasibility testing, adaptive security metrication, multi-attribute impact analysis, and workforce security capability evaluations can support security auditors, analysts, managers, and system owners of ICSs to create security strategies and improve cyber incidence response, and thus effectively reduce security risk.PhD in Manufacturin

Operational Technology Preparedness:A Risk-Based Safety Approach to Scoping Security Tests for Cyber Incident Response and Recovery

Following the advent of Industry 4.0, there have been significant benefits to industrial process optimisation through increased interconnectivity and the integration of Information Technology (IT) and Operational Technology (OT). However, this has also led to an increased attack surface for cyber threat actors to target. A growing number of cyber attacks on industrial environments, including Critical National Infrastructure, has, subsequently, been observed. In response, government and standardisation organisations alike have invested considerable resources in improving the cyber security of these environments. This includes response and recovery, often used as a last line of defence against cyber attacks. However, due to the unique design philosophies of Industrial Control Systems (ICS), several challenges exist for effectively securing these systems against digital threats. Through an analysis of standards and guidelines, used for assessing and improving cyber incident response and recovery capabilities, and stakeholder engagement on the implementation of these in practice, this thesis first identifies the challenges that exist when it comes to preparing for cyber incidents targeting ICS/OT environments. In particular, risk management, which involves identifying, evaluating, and prioritising risks and finding solutions to minimise, monitor, and control these, was found to be essential for improving preparation for cyber incidents. Assurance techniques are used as part of risk management to generate evidence for making claims of assurances about security. Alongside this, adversary-centric security tests such as penetration tests are used to evaluate and improve cyber resilience and incident response capabilities by emulating the actions of malicious actors. However, despite the benefits that these provide, they are currently not implemented to their full potential due to the safety and operational risks that exist in ICS/OT environments. This thesis contributes to academic and industry knowledge by proposing a framework that incorporates methods for identifying and quantifying the safety and operational risks of conducting adversary-centric security tests within ICS/OT environments. In understanding the risks, these engagements can be scoped using precise constraints so as to maximise the depth of testing while minimising risk to safety and the operational process. The framework is then evaluated through a qualitative study involving industry experts, confirming the framework's validity for implementation in practice

Security of Cyber-Physical Systems

Cyber-physical system (CPS) innovations, in conjunction with their sibling computational and technological advancements, have positively impacted our society, leading to the establishment of new horizons of service excellence in a variety of applicational fields. With the rapid increase in the application of CPSs in safety-critical infrastructures, their safety and security are the top priorities of next-generation designs. The extent of potential consequences of CPS insecurity is large enough to ensure that CPS security is one of the core elements of the CPS research agenda. Faults, failures, and cyber-physical attacks lead to variations in the dynamics of CPSs and cause the instability and malfunction of normal operations. This reprint discusses the existing vulnerabilities and focuses on detection, prevention, and compensation techniques to improve the security of safety-critical systems

Review: Monitoring situational awareness of smart grid cyber-physical systems and critical asset identification

Cyber-Physical Systems (CPSs) are becoming more automated and aimed to be as efficient as possible by enabling integration between their operations and Information Technology (IT) resources. In combination with production automation, these systems need to identify their assets and the correlation between them; any potential threats or failures alert the relevant user/department and suggest the appropriate remediation plan. Moreover, identifying critical assets in these systems is essential. With numerous research and technologies available, assessing IT assets nowadays can be straightforward to implement. However, there is one significant issue of evaluating operational technology critical assets since they have different characteristics, and traditional solutions cannot work efficiently. This study presents the necessary background to attain the appropriate approach for monitoring critical assets in CPSs' Situational Awareness (SA). Additionally, the study presents a broad survey supported by an in-depth review of previous works in three important aspects. First, it reviews the applicability of possible techniques, tools and solutions that can be used to collect detailed information from such systems. Secondly, it covers studies that were implemented to evaluate the criticality of assets in CPSs, demonstrates requirements for critical asset identification, explores different risks and failure techniques utilised in these systems and delves into approaches to evaluate such methods in energy systems. Finally, this paper highlights and analyses SA gaps based on existing solutions, provides future directions and discusses open research issues

A systemic review of the cybersecurity challenges in Australian water infrastructure management

Cybersecurity risks have become obstinate problems for critical water infrastructure management in Australia and worldwide. Water management in Australia involves a vast complex of smart technical control systems interconnected with several networks, making the infrastructure susceptible to cyber-attacks. Therefore, ensuring the use of security mechanisms in the control system modules and communication networks for sensors and actuators is vital. The statistics show that Australia is facing frequent cyber-attacks, most of which are either undetected or overlooked or require immediate response. To address these cyber risks, Australia has changed from a country with negligible recognition of attacks on critical infrastructure to a country with improved capability to manage cyber warfare. However, little attention is paid to reducing the risk of attacks to the critical water infrastructure. This study aims to evaluate Australia’s current cybersecurity attack landscape and the implemented controls for water infrastructure using a systematic literature review (SLR). This study also compares Australia in the context of global developments and proposes future research directions. The synthesis of the evidence from 271 studies in this review indicates the importance of managing security vulnerabilities and threats in SCADA water control systems, including the need to upgrade the contemporary water security architecture to mitigate emerging risks. Moreover, human resource development with a specific focus on security awareness and training for SCADA employees is found to be lacking, which will be essential for alleviating cyber threats to the water infrastructure in Australia