{"title":"根据工业网络中的安全策略检查系统配置","authors":"M. Cheminod, L. Durante, A. Valenzano","doi":"10.1109/SIES.2012.6356591","DOIUrl":null,"url":null,"abstract":"Awareness that networked embedded systems are vulnerable to cyber-threats has been constantly raising since some years ago. In the industrial arena recent severe attacks, such as the popular case of the Stuxnet worm, have completely debunked the myth of security of embedded devices based on their isolation. Indeed, the ever increasing dependence of many industrial systems on digital communication networks is causing the cyber-security requirements to become a priority in their planning, design, deployment and management. This paper deals with our experience in checking the conformance of a distributed industrial automation system, which includes several types of embedded devices, with respect to a set of security policies defined at the global system level. In particular, the focus of the paper is on the use of modeling techniques and semi-automated s/w tools to verify the configuration of devices and services with attention to the correct use of their security capabilities to support the desired set of policies.","PeriodicalId":219258,"journal":{"name":"7th IEEE International Symposium on Industrial Embedded Systems (SIES'12)","volume":"20 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2012-06-20","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"6","resultStr":"{\"title\":\"System configuration check against security policies in industrial networks\",\"authors\":\"M. Cheminod, L. Durante, A. Valenzano\",\"doi\":\"10.1109/SIES.2012.6356591\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Awareness that networked embedded systems are vulnerable to cyber-threats has been constantly raising since some years ago. In the industrial arena recent severe attacks, such as the popular case of the Stuxnet worm, have completely debunked the myth of security of embedded devices based on their isolation. Indeed, the ever increasing dependence of many industrial systems on digital communication networks is causing the cyber-security requirements to become a priority in their planning, design, deployment and management. This paper deals with our experience in checking the conformance of a distributed industrial automation system, which includes several types of embedded devices, with respect to a set of security policies defined at the global system level. In particular, the focus of the paper is on the use of modeling techniques and semi-automated s/w tools to verify the configuration of devices and services with attention to the correct use of their security capabilities to support the desired set of policies.\",\"PeriodicalId\":219258,\"journal\":{\"name\":\"7th IEEE International Symposium on Industrial Embedded Systems (SIES'12)\",\"volume\":\"20 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2012-06-20\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"6\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"7th IEEE International Symposium on Industrial Embedded Systems (SIES'12)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/SIES.2012.6356591\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"7th IEEE International Symposium on Industrial Embedded Systems (SIES'12)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/SIES.2012.6356591","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
System configuration check against security policies in industrial networks
Awareness that networked embedded systems are vulnerable to cyber-threats has been constantly raising since some years ago. In the industrial arena recent severe attacks, such as the popular case of the Stuxnet worm, have completely debunked the myth of security of embedded devices based on their isolation. Indeed, the ever increasing dependence of many industrial systems on digital communication networks is causing the cyber-security requirements to become a priority in their planning, design, deployment and management. This paper deals with our experience in checking the conformance of a distributed industrial automation system, which includes several types of embedded devices, with respect to a set of security policies defined at the global system level. In particular, the focus of the paper is on the use of modeling techniques and semi-automated s/w tools to verify the configuration of devices and services with attention to the correct use of their security capabilities to support the desired set of policies.
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号
