An Educational Framework to Support Industrial Control System Security Engineering

Industrial Control Systems (ICSs) are used to monitor and control critical infrastructure such as electricity and water. ICS were originally stand-alone systems, but are now widely being connected to corporate national IT networks, making remote monitoring and more timely control possible. While this connectivity has brought multiple benefits to ICS, such as cost reductions and an increase in redundancy and flexibility, ICS were not designed for open connectivity and therefore are more prone to security threats, creating a greater requirement for adequate security engineering approaches. The culture gap between developers and security experts is one of the main challenges of ICS security engineering. Control system developers play an important role in building secure systems; however, they lack security training and support throughout the development process. Security training, which is an essential activity in the defence-indepth strategy for ICS security, has been addressed, but has not been given sufficient attention in academia. Security support is a key means by which to tackle this challenge via assisting developers in ICS security by design. This thesis proposes a novel framework, the Industrial Control System Security Engineering Support (ICS-SES), which aims to help developers in designing secure control systems by enabling them to reuse secure design patterns and improve their security knowledge. ICS-SES adapts pattern-based approach to guide developers in security engineering, and an automated planning technique to provide adaptive on-the-job security training tailored to personal needs. The usability of ICS-SES has been evaluated using an empirical study in terms of its effectiveness in assisting the design of secure control systems and improving developers’ security knowledge. The results show that ICS-SES can efficiently help control system designers to mitigate security vulnerabilities and improve their security knowledge, reducing the difficulties associated with the security engineering process, and the results have been found to be statically significant. In summary, ICS-SES provides a unified method of supporting an ICS security by design approach. It fosters a development environment where engineers can improve their security knowledge while working in a control system production line.Libyan Embassy in London, U

Learning Static Knowledge for AI Planning Domain Models via Plan Traces

Learning is fundamental to autonomous behaviour and from the point of view of Machine Learning, it is the ability of computers to learn without being programmed explicitly. Attaining such capability for learning domain models for Automated Planning (AP) engines is what triggered research into developing automated domain-learning systems. These systems can learn from training data. Until recent research it was believed that working in dynamically changing and unpredictable environments, it was not possible to construct action models a priori. After the research in the last decade, many systems have proved effective in engineering domain models by learning from plan traces. However, these systems require additional planner oriented information such as a partial domain model, initial, goal and/or intermediate states. Hence, a question arises - whether or not we can learn a dynamic domain model, which covers all domain behaviours from real-time action sequence traces only. The research in this thesis extends an area of the most promising line of work that is connected to work presented in an REF Journal paper. This research aims to enhance the LOCM system and to extend the method of Learning Domain Models for AI Planning Engines via Plan Traces. This method was first published in ICAPS 2009 by Cresswell, McCluskey, and West (Cresswell, 2009). LOCM is unique in that it requires no prior knowledge of the target domain; however, it can produce a dynamic part of a domain model from training. Its main drawback is that it does not produce static knowledge of the domain, and its model lacks certain expressive features. A key aspect of research presented in this thesis is to enhance the technique with the capacity to generate static knowledge. A test and focus for this PhD is to make LOCM able to learn static relationships in a fully automatic way in addition to the dynamic relationships, which LOCM can already learn, using plan traces as input. We present a novel system - The ASCoL (Automatic Static Constraints Learner) which provides a graphical interface for visual representation and exploits directed graph discovery and analysis technique. It has been designed to discover domain-specific static relations/constraints automatically in order to enhance planning domain models. The ASCoL method has wider applications. Combined with LOCM, ASCoL can be a useful tool to produce benchmark domains for automated planning engines. It is also useful as a debugging tool for improving existing domain models. We have evaluated ASCoL on fifteen different IPC domains and on different types of goal-oriented and random-walk plans as input training data and it has been shown to be effective