Searching for just a few words should be enough to get started. If you need to make more complex queries, use the tips below to guide you.
Article type: Research Article
Authors: Liyakkathali, Salimah; * | Furtado, Francisco | Sugumar, Gayathri | Mathur, Aditya
Affiliations: iTrust Centre for Research in Cyber Security, Singapore University of Technology and Design, Singapore
Correspondence: [*] Corresponding author. Email: bssbl.research@gmail.com
Abstract: The rise in attacks on Industrial Control Systems (ICS) makes it imperative for the anomaly detection mechanisms (ADMs) to be complete with respect to a set of attacks. In this work, a method is proposed to create and launch simulated attacks on ICS. In the proposed method, referred to as ICS Resilience (ICSRes), attacks are generated using a tool suite named A6. A6 mutates data exchanged between any two PLCs connected via the communications network as well as between a PLC and the sensors and actuators connected to it via a Remote Input/Output (RIO) unit. It consists of both single-point and multi-point mutations that can be manipulated in static or in dynamic form. A two-part case study was conducted to assess the effectiveness and completeness of ICSRes and A6 when compared with that of launching humanly designed attacks. Effectiveness is defined as the ability to detect complex attacks that causes process anomalies and completeness refers to the ability to detect the type of attack. In Part I of the study, the attacks were automatically generated and launched using A6. In Part II a set of attacks was generated and launched manually while participating in an international cyber-exercise. In both parts of the study three ADMs, installed in an operational water treatment testbed, were used to assess their completeness with respect to the generated attacks. The results demonstrate the effectiveness of ICSRes and the tools in highlighting the strength and weaknesses of the ADMs and the value of using A6.
Keywords: Cyber-physical systems, industrial control system, anomaly detection mechanism, critical infrastructure, cyber security
DOI: 10.3233/JID-210023
Journal: Journal of Integrated Design and Process Science, vol. 24, no. 3-4, pp. 35-50, 2020
IOS Press, Inc.
6751 Tepper Drive
Clifton, VA 20124
USA
Tel: +1 703 830 6300
Fax: +1 703 830 2300
sales@iospress.com
For editorial issues, like the status of your submitted paper or proposals, write to editorial@iospress.nl
IOS Press
Nieuwe Hemweg 6B
1013 BG Amsterdam
The Netherlands
Tel: +31 20 688 3355
Fax: +31 20 687 0091
info@iospress.nl
For editorial issues, permissions, book requests, submissions and proceedings, contact the Amsterdam office info@iospress.nl
Inspirees International (China Office)
Ciyunsi Beili 207(CapitaLand), Bld 1, 7-901
100025, Beijing
China
Free service line: 400 661 8717
Fax: +86 10 8446 7947
china@iospress.cn
For editorial issues, like the status of your submitted paper or proposals, write to editorial@iospress.nl
如果您在出版方面需要帮助或有任何建, 件至: editorial@iospress.nl