Developing Battery of Vulnerability Tests for Industrial Control Systems

  title={Developing Battery of Vulnerability Tests for Industrial Control Systems},
  author={Radek Fujdiak and Petr Blazek and Petr Mlynek and Jir{\'i} Misurec},
  journal={2019 10th IFIP International Conference on New Technologies, Mobility and Security (NTMS)},
  • R. Fujdiak, Petr Blazek, +1 author J. Misurec
  • Published 1 June 2019
  • Computer Science
  • 2019 10th IFIP International Conference on New Technologies, Mobility and Security (NTMS)
Nowadays, the industrial control systems (ICS) face many challenges, where security is becoming one of the most crucial. This fact is caused by new connected environment, which brings among new possibilities also new vulnerabilities, threats, or possible attacks. The criminal acts in the ICS area increased over the past years exponentially, which caused the loss of billions of dollars. This also caused classical Intrusion Detection Systems and Intrusion Prevention Systems to evolve in order to… Expand


Attacks against process control systems: risk assessment, detection, and response
By incorporating knowledge of the physical system under control, this paper is able to detect computer attacks that change the behavior of the targeted control system and analyze the security and safety of the mechanisms by exploring the effects of stealthy attacks, and by ensuring that automatic attack-response mechanisms will not drive the system to an unsafe state. Expand
Analysis of cyber security for industrial control systems
A comprehensive analysis of cyber security issues for ICS is presented, discussing and reviewing the different types and architectures of an ICS, security requirements, different threats attacks, and existing solutions to secure Industrial control systems. Expand
Taxonomy of attacks on industrial control protocols
  • Zakarya Drias, A. Serhrouchni, Olivier Vogel
  • Engineering, Computer Science
  • 2015 International Conference on Protocol Engineering (ICPE) and International Conference on New Technologies of Distributed Systems (NTDS)
  • 2015
A taxonomy model of different identified attacks on Modbus and DNP3 is proposed, based on the threat origin, threat type, attacktype, attack scenario, vulnerability type and the impact of the attack to facilitate the risk assessment of cyber-attacks on ICS protocols. Expand
A survey on security control and attack detection for industrial cyber-physical systems
An overview of recent advances on security control and attack detection of industrial CPSs is presented, and robustness, security and resilience as well as stability are discussed to govern the capability of weakening various attacks. Expand
Stuxnet worm impact on industrial cyber-physical system security
  • S. Karnouskos
  • Engineering
  • IECON 2011 - 37th Annual Conference of the IEEE Industrial Electronics Society
  • 2011
Industrial systems consider only partially security, mostly relying on the basis of “isolated” networks, and controlled access environments. Monitoring and control systems such as SCADA/DCS areExpand
Identifying and Scoring Vulnerability in SCADA Environments
Supervisory Control and Data Acquisition (SCADA) systems form a critical component to industries such as national power grids, manufacturing automation, nuclear power production and more. ByExpand
A Taxonomy of Cyber Attacks on SCADA Systems
  • Bonnie Zhu, A. Joseph, S. Sastry
  • Computer Science
  • 2011 International Conference on Internet of Things and 4th International Conference on Cyber, Physical and Social Computing
  • 2011
This paper focuses on systematically identifying and classifying likely cyber attacks including cyber-induced cyber-physical attack son SCADA systems and highlights commonalities and important features of such attacks that define unique challenges posed to securingSCADA systems versus traditional Information Technology(IT) systems. Expand
Practical Modbus Flooding Attack and Detection
It is confirmed that the Modbus protocol is vulnerable to flooding attacks, and an anomaly-based change detection algorithm and signature-based Snort threshold module are capable of detecting Modbus flooding attacks. Expand
Cyber attack-resilient control for smart grid
This paper identifies key control loops in power systems operation and then determines the types of attacks that will be effective against each control loop, and presents basic concepts of attack resilient control. Expand
A Survey of Industrial Control System Testbeds
This study surveys ICS testbeds that have been proposed for scientific research and finds that most aim to facilitate vulnerability analysis, education and tests of defense mechanisms. Expand