Identifying Security-Critical Cyber-Physical Components in Industrial Control Systems

In recent years, Industrial Control Systems (ICS) have become an appealing target for cyber attacks, having massive destructive consequences. Security metrics are therefore essential to assess their security posture. In this paper, we present a novel ICS security metric based on AND/OR graphs that represent cyber-physical dependencies among network components. Our metric is able to efficiently identify sets of critical cyber-physical components, with minimal cost for an attacker, such that if compromised, the system would enter into a non-operational state. We address this problem by efficiently transforming the input AND/OR graph-based model into a weighted logical formula that is then used to build and solve a Weighted Partial MAX-SAT problem. Our tool, META4ICS, leverages state-of-the-art techniques from the field of logical satisfiability optimisation in order to achieve efficient computation times. Our experimental results indicate that the proposed security metric can efficiently scale to networks with thousands of nodes and be computed in seconds. In addition, we present a case study where we have used our system to analyse the security posture of a realistic water transport network. We discuss our findings on the plant as well as further security applications of our metric.Comment: Keywords: Security metrics, industrial control systems, cyber-physical systems, AND-OR graphs, MAX-SAT resolutio

Assessing and augmenting SCADA cyber security: a survey of techniques

SCADA systems monitor and control critical infrastructures of national importance such as power generation and distribution, water supply, transportation networks, and manufacturing facilities. The pervasiveness, miniaturisations and declining costs of internet connectivity have transformed these systems from strictly isolated to highly interconnected networks. The connectivity provides immense benefits such as reliability, scalability and remote connectivity, but at the same time exposes an otherwise isolated and secure system, to global cyber security threats. This inevitable transformation to highly connected systems thus necessitates effective security safeguards to be in place as any compromise or downtime of SCADA systems can have severe economic, safety and security ramifications. One way to ensure vital asset protection is to adopt a viewpoint similar to an attacker to determine weaknesses and loopholes in defences. Such mind sets help to identify and fix potential breaches before their exploitation. This paper surveys tools and techniques to uncover SCADA system vulnerabilities. A comprehensive review of the selected approaches is provided along with their applicability

Identifying vulnerabilities of industrial control systems using evolutionary multiobjective optimisation

In this paper, we propose a novel methodology to assist in identifying vulnerabilities in real-world complex heterogeneous industrial control systems (ICS) using two Evolutionary Multiobjective Optimisation (EMO) algorithms, NSGA-II and SPEA2. Our approach is evaluated on a well-known benchmark chemical plant simulator, the Tennessee Eastman (TE) process model. We identified vulnerabilities in individual components of the TE model and then made use of these vulnerabilities to generate combinatorial attacks. The generated attacks were aimed at compromising the safety of the system and inflicting economic loss. Results were compared against random attacks, and the performance of the EMO algorithms was evaluated using hypervolume, spread, and inverted generational distance (IGD) metrics. A defence against these attacks in the form of a novel intrusion detection system was developed, using machine learning algorithms. The designed approach was further tested against the developed detection methods. The obtained results demonstrate that the developed EMO approach is a promising tool in the identification of the vulnerable components of ICS, and weaknesses of any existing detection systems in place to protect the system. The proposed approach can serve as a proactive defense tool for control and security engineers to identify and prioritise vulnerabilities in the system. The approach can be employed to design resilient control strategies and test the effectiveness of security mechanisms, both in the design stage and during the operational phase of the system

Identifying Vulnerabilities of Industrial Control Systems using Evolutionary Multiobjective Optimisation

In this paper we propose a novel methodology to assist in identifying vulnerabilities in a real-world complex heterogeneous industrial control systems (ICS) using two evolutionary multiobjective optimisation (EMO) algorithms, NSGA-II and SPEA2. Our approach is evaluated on a well known benchmark chemical plant simulator, the Tennessee Eastman (TE) process model. We identified vulnerabilities in individual components of the TE model and then made use of these to generate combinatorial attacks to damage the safety of the system, and to cause economic loss. Results were compared against random attacks, and the performance of the EMO algorithms were evaluated using hypervolume, spread and inverted generational distance (IGD) metrics. A defence against these attacks in the form of a novel intrusion detection system was developed, using a number of machine learning algorithms. Designed approach was further tested against the developed detection methods. Results demonstrate that EMO algorithms are a promising tool in the identification of the most vulnerable components of ICS, and weaknesses of any existing detection systems in place to protect the system. The proposed approach can be used by control and security engineers to design security aware control, and test the effectiveness of security mechanisms, both during design, and later during system operation.Comment: 25 page

Ensuring Cyber-Security in Smart Railway Surveillance with SHIELD

Modern railways feature increasingly complex embedded computing systems for surveillance, that are moving towards fully wireless smart-sensors. Those systems are aimed at monitoring system status from a physical-security viewpoint, in order to detect intrusions and other environmental anomalies. However, the same systems used for physical-security surveillance are vulnerable to cyber-security threats, since they feature distributed hardware and software architectures often interconnected by ‘open networks’, like wireless channels and the Internet. In this paper, we show how the integrated approach to Security, Privacy and Dependability (SPD) in embedded systems provided by the SHIELD framework (developed within the EU funded pSHIELD and nSHIELD research projects) can be applied to railway surveillance systems in order to measure and improve their SPD level. SHIELD implements a layered architecture (node, network, middleware and overlay) and orchestrates SPD mechanisms based on ontology models, appropriate metrics and composability. The results of prototypical application to a real-world demonstrator show the effectiveness of SHIELD and justify its practical applicability in industrial settings

An analysis of cybersecurity culture in an organisation managing Critical Infrastructure

The 4th industrial revolution (4IR) is transforming the way businesses operate, making them more efficient and data-driven while also increasing the threat-landscape brought on by the convergence of technologies and increasingly so for organisations managing critical infrastructure. Environments that traditionally operated entirely independent of networks and the internet are now connecting in ways that are exposing critical infrastructure to a new level of cyber-risks that now need to be managed. Due to the stable nature of technologies and knowledge in traditional industrial environments, there is a misalignment of skills to emerging technology trends. Globally cyber-crime attacks are on the rise with Cisco reporting in 2018 that 31% of all respondents had seen a cyber-attack in their operational environment[1]. With up to 67% of breaches reported in the Willis Towers report due to employee negligence [2], the importance of cybersecurity culture is no longer in question in organisations managing critical infrastructure. Developing an understanding of the drivers for behaviours, attitudes and beliefs related to cybersecurity and aligning these to an organisations risk appetite and tolerance is crucial to managing cyber-risk. There is a very divergent understanding of cyber-risk in the engineering environment. This study endeavours to investigate employee perceptions, attitudes and values associated with cybersecurity and how these potentially affects their behaviour and ultimately the risk to the plant or organisation. Most traditional culture questionnaires focus on information security with observations focussing more on social engineering, email hygiene and physical controls. This cybersecurity culture study was conducted to gain insight into people's beliefs, attitudes and behaviours related to cybersecurity encompassing people, process and technology focussing on the operational technology environment in Eskom1. Both technical (Engineering and IT) and nontechnical (business support staff) staff were questionnaireed. The questionnaire was categorised into four sections dealing with cybersecurity culture as they relate to individuals, processes and technology, leadership and the organisation at large. The results from the analysis, revealed that collaboration, information sharing, reporting of vulnerabilities, high dependence and trust in technology, leadership commitment, vigilance, compliance, unclear processes and lack of understanding around cybersecurity all contribute to the current levels of cybersecurity culture. Insights from this study will generate recommendations that will form part of a cybersecurity culture transformation journey

Bibliographical review on cyber attacks from a control oriented perspective

This paper presents a bibliographical review of definitions, classifications and applications concerning cyber attacks in networked control systems (NCSs) and cyber-physical systems (CPSs). This review tackles the topic from a control-oriented perspective, which is complementary to information or communication ones. After motivating the importance of developing new methods for attack detection and secure control, this review presents security objectives, attack modeling, and a characterization of considered attacks and threats presenting the detection mechanisms and remedial actions. In order to show the properties of each attack, as well as to provide some deeper insight into possible defense mechanisms, examples available in the literature are discussed. Finally, open research issues and paths are presented.Peer ReviewedPostprint (author's final draft