On Preventing and Detecting Cyber Attacks in Industrial Control System Networks

• Autorzy: Padée Adam , Wójcik Michał , Ćwiek Arkadiusz , Klimaszewski Konrad , Kopka Przemysław , Kozioł Sylwester , Kuźmicki Krzysztof , Możdżonek Rafał , Wiślicki Wojciech , Włodarski Tomasz

Identyfikatory

DOI

10.26636/jtit.2019.131219

• Języki publikacji: EN

Abstrakty

EN

This paper outlines the problem of cybersecurity in OT (operations/operational technology) networks. It provides descriptions of the most common components of these systems, summarizes the threats and compares them with those present in the IT domain. A considerable section of the paper summarizes research conducted over the past decade, focusing on how common the problem is and in which countries it prevails. The article presents techniques most commonly used in the protection of these systems, with many examples from the nuclear industry given.

Słowa kluczowe

EN

attack preventing; cybersecurity; industrial control systems

• Wydawca: Instytut Łączności - Państwowy Instytut Badawczy
• Czasopismo: Journal of Telecommunications and Information Technology
• Rocznik: 2019
• Tom: nr 2
• Strony: 21--28
• Opis fizyczny: Bibliogr. 16 poz., tab.

Twórcy

autor

Padée Adam

• National Centre for Nuclear Research, Andrzeja Sołtana 7, 05-400 Otwock, Poland

autor

Wójcik Michał

• National Centre for Nuclear Research, Andrzeja Sołtana 7, 05-400 Otwock, Poland

autor

Ćwiek Arkadiusz

• National Centre for Nuclear Research, Andrzeja Sołtana 7, 05-400 Otwock, Poland

autor

Klimaszewski Konrad

• National Centre for Nuclear Research, Andrzeja Sołtana 7, 05-400 Otwock, Poland

autor

Kopka Przemysław

• National Centre for Nuclear Research, Andrzeja Sołtana 7, 05-400 Otwock, Poland

autor

Kozioł Sylwester

• National Centre for Nuclear Research, Andrzeja Sołtana 7, 05-400 Otwock, Poland

autor

Kuźmicki Krzysztof

• National Centre for Nuclear Research, Andrzeja Sołtana 7, 05-400 Otwock, Poland

autor

Możdżonek Rafał

• National Centre for Nuclear Research, Andrzeja Sołtana 7, 05-400 Otwock, Poland

autor

Wiślicki Wojciech

• National Centre for Nuclear Research, Andrzeja Sołtana 7, 05-400 Otwock, Poland

autor

Włodarski Tomasz

• National Centre for Nuclear Research, Andrzeja Sołtana 7, 05-400 Otwock, Poland

Bibliografia

• [1] T. C. Reed, At the Abyss: An Insider’s History of the Cold War. Presidio Press, 2004 (ISBN 0891418210).
• [2] T. Jablonski and M. Jach, “Jak 14-latek spowodowal katastrofę”, 2008 [Online]. Available: http://lodz.naszemiasto.pl/archiwum/jak14-latek-spowodowal-katastrofe,1602388,art,t,id,tm.html [in Polish]
• [3] “MODBUS/TCP Security Protocol Specification” [Online]. Available: http://modbus.org/docs/MB-TCP-Security-v21 2018-07-24.pdf
• [4] K. Stouffer, V. Pillitteri, S. Lightman, M. Abrams, and A. Hahn, “Guide to industrial control systems (ICS) security”, NIST Special Publication 800-82 Revision 2, 2015 (doi: 10.6028/NIST.SP.800-82r2).
• [5] R. M. Lee, M. J. Assante, and T. Conway, “Analysis of the cyber attack on the Ukrainian power grid”, E-ISAC publication, March 18, 2016 [Online]. Available: https://ics.sans.org/media/ E-ISAC SANS Ukraine DUC 5.pdf
• [6] D. Fauri et al., “Encryption in ICS networks: A blessing or a curse?”, in Proc. IEEE Int. Conf. on Smart Grid Commun. SmartGridComm 2017, Dresden, Germany, 2017 (doi: 10.1109/SmartGridComm.2017.8340732).
• [7] Shodan search engine home page [Online]. Available: https://www.shodan.io/
• [8] E. P. Leverett, “Quantitatively assessing and visualising industrial system attack surfaces”, Master Thesis, University of Cambridge, 2011 [Online]. Available: https://www.cl.cam.ac.uk/∼fms27/papers/ 2011-Leverett-industrial.pdf
• [9] R. C. Bodenheim, “Impact of the Shodan computer search engine on Internet-facing industrial control system devices”, Master Thesis, Air Force Institute of Technology, Ohio, USA, 2014 [Online]. Available: https://apps.dtic.mil/dtic/tr/fulltext/u2/a601219.pdf
• [10] P. Hitchin, “Cyber attacks on the nuclear industry”, Nuclear Engineering International, 15 September 2015 [Online]. Available: https://www.neimagazine.com/features/featurecyber-attacks-on-thenuclear-industry-4671329/
• [11] “Computer Security at Nuclear Facilities”, IAEA Nuclear Security Series No. 17 [Online]. Available: https://www-pub.iaea.org/mtcd/ publications/pdf/pub1527 web.pdf
• [12] “Cyber security assessments of industrial control systems. A good practice guide”, Centre for the Protection Of National Infrastructure, U.S. Department of Homeland Security, Apr. 2011 [Online]. Available: https://www.ccn-cert.cni.es/publico/ InfraestructurasCriticaspublico/CPNI-Guia-SCI.pdf
• [13] Conducting Computer Security Assessments at Nuclear Facilities, IAEA, Vienna 2016 (ISBN: 978-92-0-104616-1).
• [14] ICS-CERT Alerts home page [Online]. Available: https://ics-cert.us-cert.gov/alerts?page=1
• [15] D. Crooks et al., “Operational security, threat intelligence & distributed computing: the WLCG Security Operations Center Working Group”, in Proc. of 23rd Int. Conf. on Comput. in High Energy and Nuclear Phys. CHEP 2018, Sofia, Bulgaria, 2018.
• [16] R. Feroze, “Passive GSM sniffing with Software Defined Radio”, 02/06/2017 [Online]. Available: https://payatu.com/passive-gsmsniffing-software-defined-radio/.

Uwagi

Opracowanie rekordu w ramach umowy 509/P-DUN/2018 ze środków MNiSW przeznaczonych na działalność upowszechniającą naukę (2019).