Cyber Security of Internet Connected ICS/SCADA Devices and Services

Abstract

The monitoring and control of automation systems in the most critical infrastructures are provided by industrial control systems (ICS). Because of the importance and criticality of these systems, they are likely to be exposed to some external and internal cyber threats. Especially if they have internet access, the cyber risks increase and these systems cause functional disorders. Within the scope of this study, search engines such as Shodan, Censys, Fofa, which are used to determine industrial control systems facing to internet access, have been examined and analyzed. Among them, an API for the Shodan search engine has been created. With the relevant API, industrial communication protocols and industrial control systems open to internet access have been extracted and usage statistics have been determined. In line with the information obtained, these communication protocols and systems have been analyzed and security recommendations have been made for industrial control systems open to internet access.