Cyber-physical security of a chemical plant

The increasing number of cyber attacks on industries demands immediate attention for providing more secure mechanisms to safeguard industries and minimize risks. A supervisory control and data acquisition (SCADA) system employing the distributed networks of sensors and actuators that interact with the physical environment is vulnerable to attacks that target the interface between the cyber and physical subsystems. These cyber attacks are typically malicious actions that cause undesired results in the cyber physical world, for example, the Stuxnet attack that targeted Iran\u27s nuclear centrifuges. An attack that hijacks the sensors in an attempt to provide false readings to the controller can be used to feign normal system operation for the control system, while the attacker can hijack the actuators to send the system beyond its safety range. Cyber physical systems (CPS) being used in industries such as oil and gas, chemical process plants and the like are termed Industrial Control Systems (ICS). Control system security is aimed at preventing intentional or unintentional interference with the proper operation of ICS. This thesis proposes a process-aware approach with the use of invariant equations based on the physical and chemical properties of the process and a Multiple Security Domain Nondeducibility (MSDND) framework to detect when a sensor signal is being maliciously manipulated. We have taken a benzene production plant as case study to illustrate our approach and its effectiveness in determining the state of the system. A system without any MSDND secure information flows between the CPS and cyber monitors has fewer weaknesses that can be exploited --Abstract, page iii

An Educational Framework to Support Industrial Control System Security Engineering

Industrial Control Systems (ICSs) are used to monitor and control critical infrastructure such as electricity and water. ICS were originally stand-alone systems, but are now widely being connected to corporate national IT networks, making remote monitoring and more timely control possible. While this connectivity has brought multiple benefits to ICS, such as cost reductions and an increase in redundancy and flexibility, ICS were not designed for open connectivity and therefore are more prone to security threats, creating a greater requirement for adequate security engineering approaches. The culture gap between developers and security experts is one of the main challenges of ICS security engineering. Control system developers play an important role in building secure systems; however, they lack security training and support throughout the development process. Security training, which is an essential activity in the defence-indepth strategy for ICS security, has been addressed, but has not been given sufficient attention in academia. Security support is a key means by which to tackle this challenge via assisting developers in ICS security by design. This thesis proposes a novel framework, the Industrial Control System Security Engineering Support (ICS-SES), which aims to help developers in designing secure control systems by enabling them to reuse secure design patterns and improve their security knowledge. ICS-SES adapts pattern-based approach to guide developers in security engineering, and an automated planning technique to provide adaptive on-the-job security training tailored to personal needs. The usability of ICS-SES has been evaluated using an empirical study in terms of its effectiveness in assisting the design of secure control systems and improving developers’ security knowledge. The results show that ICS-SES can efficiently help control system designers to mitigate security vulnerabilities and improve their security knowledge, reducing the difficulties associated with the security engineering process, and the results have been found to be statically significant. In summary, ICS-SES provides a unified method of supporting an ICS security by design approach. It fosters a development environment where engineers can improve their security knowledge while working in a control system production line.Libyan Embassy in London, U

Applying Lessons from Cyber Attacks on Ukrainian Infrastructures to Secure Gateways onto the Industrial Internet of Things

Previous generations of safety-related industrial control systems were ‘air gapped’. In other words, process control components including Programmable Logic Controllers (PLCs) and smart sensor/actuators were disconnected and isolated from local or wide area networks. This provided a degree of protection; attackers needed physical access to compromise control systems components. Over time this ‘air gap’ has gradually been eroded. Switches and gateways have subsequently interfaced industrial protocols, including Profibus and Modbus, so that data can be drawn from safety-related Operational Technology into enterprise information systems using TCP/IP. Senior management uses these links to monitor production processes and inform strategic planning. The Industrial Internet of Things represents another step in this evolution – enabling the coordination of physically distributed resources from a centralized location. The growing range and sophistication of these interconnections create additional security concerns for the operation and management of safety-critical systems. This paper uses lessons learned from recent attacks on Ukrainian critical infrastructures to guide a forensic analysis of an IIoT switch. The intention is to identify and mitigate vulnerabilities that would enable similar attacks to be replicated across Europe and North America