{"title":"A cyber-defensive industrial control system with redundancy and intrusion detection","authors":"D. Robinson, Charles Kim","doi":"10.1109/NAPS.2017.8107186","DOIUrl":null,"url":null,"abstract":"Technological advancement of Industrial Control Systems (ICS) and control systems automation over the past decade has brought greater interconnections of the control components. Modern control communication systems such as ModbusTCP are based on open standards that leverage Ethernet to allow interoperability between solutions from different vendors. The enhanced exchange of information has, as a side effect, created cyber security vulnerabilities such as entry points for hackers. Network monitoring typically applied to corporate networks is rarely implemented for ICS networks and should be mandatory for critical systems. Defense-in-Depth (DiD) is a concept that built on the premise of early detection and providing alerts of intrusions to guarantee that defensive action is taken prior to the breach of any critical assets. This paper validates the new intrusion detection based cyberdefensive architecture by using a Raspberry Pi based ModbusTCP control system that enables simulation of cyber-attacks, and illustrates a mitigation measure with the added feature of Modbus monitoring using Snort.","PeriodicalId":296428,"journal":{"name":"2017 North American Power Symposium (NAPS)","volume":"172 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2017-09-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"7","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"2017 North American Power Symposium (NAPS)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/NAPS.2017.8107186","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Citation count: 7
Abstract
Technological advancement of Industrial Control Systems (ICS) and control systems automation over the past decade has brought greater interconnections of the control components. Modern control communication systems such as ModbusTCP are based on open standards that leverage Ethernet to allow interoperability between solutions from different vendors. The enhanced exchange of information has, as a side effect, created cyber security vulnerabilities such as entry points for hackers. Network monitoring typically applied to corporate networks is rarely implemented for ICS networks and should be mandatory for critical systems. Defense-in-Depth (DiD) is a concept built on the premise of early detection and providing alerts of intrusions to guarantee that defensive action is taken prior to the breach of any critical assets. This paper validates the new intrusion-detection-based cyber-defensive architecture by using a Raspberry Pi-based ModbusTCP control system that enables simulation of cyber-attacks, and illustrates a mitigation measure with the added feature of Modbus monitoring using Snort.