Wyniki wyszukiwania - BazTech

1

SCADvanceXP—an intelligent Polish system for threat detection and monitoring of industrial networks

Twardawa Mateusz Grzegorz, Smolik Marek, Rakowski Franciszek, Kwiatkowski Jakub, Meyer Norbert

Security and Defence Quarterly

|

2024

|

Vol. 48, No. 4

s. 19--39

EN

SCADvanceXP is an industrial network intrusion detection system that scans and monitors data exchange between engineering stations, field divides, controllers, supervisory control and data acquisition (SCADA), and other elements of the operational technology network in detail. SCADvanceXP has the potential to detect advanced attacks on industrial infrastructures with the use of rulebased, signature-based, and behavioural detection methods, which are supported by sophisticated machine and deep learning models. As a system developed in Poland, it addresses the needs of industry in that region of Europe. The goal of this work was to assess SCADvanceXP’s potential to detect common industrial threats. In order to check SCADvanceXP’s potential, an effort was undertaken to evaluate its functionality on major industrial threats. For that purpose, twelve malware strains interfering with industrial systems were described. Later, the SCADvanceXP functionality was overlapped on malware behavioural and detection markers, pointing out exact mechanisms in SCADvanceXP that would detect analysed threats. The results show that SCADvanceXP is able to detect a wide range of attacks on industrial networks. SCADvanceXP’s rich functionality is able to provide a high standard of security. However, if a threat is affecting systems not directly connected with industrial networks, SCADvanceXP will not be able to detect it. SCADvanceXP only monitors industrial systems; hence, corporate networks must be protected by a different solution to provide the required level of security. Nonetheless, SCADvanceXP is dedicated to operating within industrial networks and does not have access to regular IT networks. It can be concluded that SCADvanceXP is a specialist tool providing desired security for industrial networks.

2

Estimating the vulnerability of industrial network infrastructure in Central and Eastern Europe

Twardawa Mateusz Grzegorz, Smolik Marek, Rakowski Franciszek, Kwiatkowski Jakub, Meyer Norbert

Security and Defence Quarterly

|

2024

|

Vol. 47, No. 3

53--73

EN

Industrial infrastructure has suffered an unprecedented number of attacks in Central and Eastern Europe (CEE). This situation can be attributed to many geopolitical factors, including hybrid military conflicts and criminal activity. Industrial networks belonging to

3

Rozwój i zastosowanie systemu monitoringu urządzeń automatyki przemysłowej SMUAP

Rakowski Franciszek, Ostapowicz Piotr, Stróżyk Maciej, Głowiak Maciej, Smolik Marek

Przegląd Telekomunikacyjny + Wiadomości Telekomunikacyjne

|

2024

|

nr 4

77--80

PL

W odpowiedzi na rosnące wyzwania stawiane przedsiębiorstwom produkcyjnym przez rewolucję przemysłową 4.0, w tym zagrożenia atakami cybernetycznymi, opracowany został System Monitoringu Urządzeń Automatyki Przemysłowej (SMUAP). Architektura SMUAP oparta jest na pasywnym monitorowaniu ruchu sieciowego oraz analizie komunikacji między urządzeniami. Moduł analityczny systemu oparty jest głównie na sztucznej inteligencji i uczeniu maszynowym, natomiast narzędziem do monitorowania sieci jest pasywny sniffer (w kilku opcjach, włączając technologię FPGA).

EN

In response to the growing challenges faced by manufacturing enterprises due to the Industry 4.0 revolution, including the threat of cyber attacks, the Industrial Automation Monitoring System (SMUAP) has been developed. The architecture of SMUAP is based on passive monitoring of network traffic and analysis of communication between devices. The analytical module of the system is mostly based on artificial intelligence and machine learning, while the network monitoring tool is passive sniffer (in several options, including FPGA technology).