Developing Battery of Vulnerability Tests for Industrial Control Systems

  title={Developing Battery of Vulnerability Tests for Industrial Control Systems},
  author={Radek Fujdiak and Petr Blazek and Petr Mlynek and Jir{\'i} Misurec},
  journal={2019 10th IFIP International Conference on New Technologies, Mobility and Security (NTMS)},
  • R. FujdiakPetr Blazek J. Misurec
  • Published 1 June 2019
  • Computer Science
  • 2019 10th IFIP International Conference on New Technologies, Mobility and Security (NTMS)
Nowadays, the industrial control systems (ICS) face many challenges, where security is becoming one of the most crucial. This fact is caused by new connected environment, which brings among new possibilities also new vulnerabilities, threats, or possible attacks. The criminal acts in the ICS area increased over the past years exponentially, which caused the loss of billions of dollars. This also caused classical Intrusion Detection Systems and Intrusion Prevention Systems to evolve in order to… 

Figures and Tables from this paper



Attacks against process control systems: risk assessment, detection, and response

By incorporating knowledge of the physical system under control, this paper is able to detect computer attacks that change the behavior of the targeted control system and analyze the security and safety of the mechanisms by exploring the effects of stealthy attacks, and by ensuring that automatic attack-response mechanisms will not drive the system to an unsafe state.

Analysis of cyber security for industrial control systems

A comprehensive analysis of cyber security issues for ICS is presented, discussing and reviewing the different types and architectures of an ICS, security requirements, different threats attacks, and existing solutions to secure Industrial control systems.

Taxonomy of attacks on industrial control protocols

  • Zakarya DriasA. SerhrouchniOlivier Vogel
  • Computer Science
    2015 International Conference on Protocol Engineering (ICPE) and International Conference on New Technologies of Distributed Systems (NTDS)
  • 2015
A taxonomy model of different identified attacks on Modbus and DNP3 is proposed, based on the threat origin, threat type, attacktype, attack scenario, vulnerability type and the impact of the attack to facilitate the risk assessment of cyber-attacks on ICS protocols.

Stuxnet worm impact on industrial cyber-physical system security

  • S. Karnouskos
  • Computer Science
    IECON 2011 - 37th Annual Conference of the IEEE Industrial Electronics Society
  • 2011
The highly sophisticated aspects of Stuxnet are investigated, the impact that it may have on existing security considerations and some thoughts on the next generation SCADA/DCS systems from a security perspective are posed.

Identifying and Scoring Vulnerability in SCADA Environments

This paper systematically review SCADA security based on different aspects to provide an all-inclusive reference for future SCADA users and researchers and uses a time-based heuristic approach to evaluate vulnerabilities and show the importance of the evaluation.

A Taxonomy of Cyber Attacks on SCADA Systems

  • Bonnie ZhuA. JosephS. Sastry
  • Computer Science
    2011 International Conference on Internet of Things and 4th International Conference on Cyber, Physical and Social Computing
  • 2011
This paper focuses on systematically identifying and classifying likely cyber attacks including cyber-induced cyber-physical attack son SCADA systems and highlights commonalities and important features of such attacks that define unique challenges posed to securingSCADA systems versus traditional Information Technology(IT) systems.

Practical Modbus Flooding Attack and Detection

It is confirmed that the Modbus protocol is vulnerable to flooding attacks, and an anomaly-based change detection algorithm and signature-based Snort threshold module are capable of detecting Modbus flooding attacks.

A Survey of Industrial Control System Testbeds

This study surveys ICS testbeds that have been proposed for scientific research and finds that most aim to facilitate vulnerability analysis, education and tests of defense mechanisms.

Cyber-Physical Systems Security—A Survey

This paper study and systematize existing research on CPS security under a unified framework, aiming to build a model that is abstract enough to be applicable to various heterogeneous CPS applications; and to gain a modular view of the tightly coupled CPS components.