4 research outputs found

    MODELING AND VALIDATING A SECURE INTERCONNECTION BETWEEN INDUSTRIAL CONTROL SYSTEM AND CORPORATE NETWORK USING COLORED PETRI NET

    Industrial Control Systems (ICS) networks offer a high level of automation combined with high levels of control, quality and process improvement. Since network corporate users have to access the ICS environment, these networks have to be interconnected. However, this interconnection can introduce risks to the systems and manufacturing processes, which leads to the need to ensure the interconnection is done safely. The objective of this paper is to perform modeling and validation of a proposed secure interconnection between ICS and corporate networks using Colored Petri Networks (CPN). In addition to the best practices published in related works, this paper recommends some integrated features like the use of terminal server service, secure manual uplinks, and unidirectional security gateway to enhance environmental security. However, our main contribution is the validation process performed in a Colored Petri Network, which made it possible to execute queries in the state space resulting from the simulation - that works as a proof of concept. As a result, the paper presents a secure and validated model of interconnection between ICS and corporate networks, capable of being applied to any interconnection environment.

    Protecting Intelligent Distributed Power Grids against Cyber Attacks

    Like other industrial sectors, the electrical power industry is facing challenges involved with the increasing demand for interconnected operations and control. The electrical industry has largely been restructured due to deregulation of the electrical market and the trend of the Smart Grid. This moves new automation systems from being proprietary and closed to the current state of Information Technology (IT) being highly interconnected and open. However, while gaining all of the scale and performance benefits of IT, existing IT security challenges are acquired as well. The power grid automation network has inherent security risks due to the fact that the systems and applications for the power grid were not originally designed for the general IT environment. In this paper, we propose a conceptual layered framework for protecting power grid automation systems against cyber attacks. The following factors are taken into account: (1) integration with existing, legacy systems in a non-intrusive fashion; (2) desirable performance in terms of modularity, scalability, extendibility, and manageability; (3) alignment to the 'Roadmap to Secure Control Systems in the Energy Sector' and the future smart grid. The on-site system test of the developed prototype security system is briefly presented as well.

    Using neural networks for detection of anomalous traffic in automation networks

    Opening of local communication means of technological devices towards networks available to public, supervision of devices, and remote technological devices administration are the characteristics of modern automation. As a result of this process the intrusion of unwanted elements from the Internet to control networks is seen. Therefore, in communication and control networks we have to build in active means to ensure the access to individual technological process components. The contribution is focused on the insurance of control systems data communication via neural networks technologies in connection with classical methods used in expert systems. The solution proposed defines the way of data elements identification in transfer network, solves the transformation of their parameters for neural network input and defines the type and architecture of a suitable neural network. This is supported by the experiments with various architecture types and neural networks activation functions and followed by subsequent real environment tests. A functional system proposal with possible practical application is the result.