Global ETD Search

1	An open virtual testbed for industrial control system security research Reaves, Bradley Galloway 06 August 2011 (has links) ICS security has been a topic of scrutiny and research for several years, and many security issues are well known. However, research efforts are impeded by a lack of an open virtual industrial control system testbed for security research. This thesis describes a virtual testbed framework using Python to create discrete testbed components (including virtual devices and process simulators). This testbed is designed such that the testbeds are interoperable with real ICS devices and that the virtual testbeds can provide comparable ICS network behavior to a laboratory testbed. Two testbeds based on laboratory testbeds have been developed and have been shown to be interoperable with real industrial control systemequipment and vulnerable to attacks in the samemanner as a real system. Additionally, these testbeds have been quantitatively shown to produce traffic close to laboratory systems (within 90% similarity on most metrics). Testbed SCADA Security Industrial Control System Security
2	Utveckling av modellbaserad reglering i kommersiella styrsystem / Development of model based control in commercial control systems Carlsson, Oscar January 2009 (has links) <p>In industrial control systems PID-control remains the prevalent strategy, also for processes that would benefit from model based control. The purpose of this thesis is to evaluate whether model based control can be readily implemented in an industrial control system. To this end a simulated surge tank with a simulated industrial control system is studied. For evaluation two scenarios with specified objectives are selected.</p><p>Following a review of LQR and versions of MPC, Predictive Functional Control (PFC) is considered the most suitable for implementation. PFC is a form of MPC developed with industrial applications in mind and therefore has several advantages for implementation in an industrial control system. Controllers for the surge tank-system are developed and implemented in the control system.</p><p>Basic analysis of stability, sensitivity and robustness suggests that PFC has some advantages that might be important in a non-simulated implementation. Compared with PID-controllers adjusted for control performance, PFC does not show any notable improvements in performance.</p><p>In conclusion, it is possible to implement model based control in an industrial control system and with PFC the implementation is considered easy.</p> Process control Industrial control system Automatic control Reglerteknik
3	Utveckling av modellbaserad reglering i kommersiella styrsystem / Development of model based control in commercial control systems Carlsson, Oscar January 2009 (has links) In industrial control systems PID-control remains the prevalent strategy, also for processes that would benefit from model based control. The purpose of this thesis is to evaluate whether model based control can be readily implemented in an industrial control system. To this end a simulated surge tank with a simulated industrial control system is studied. For evaluation two scenarios with specified objectives are selected. Following a review of LQR and versions of MPC, Predictive Functional Control (PFC) is considered the most suitable for implementation. PFC is a form of MPC developed with industrial applications in mind and therefore has several advantages for implementation in an industrial control system. Controllers for the surge tank-system are developed and implemented in the control system. Basic analysis of stability, sensitivity and robustness suggests that PFC has some advantages that might be important in a non-simulated implementation. Compared with PID-controllers adjusted for control performance, PFC does not show any notable improvements in performance. In conclusion, it is possible to implement model based control in an industrial control system and with PFC the implementation is considered easy. Process control Industrial control system Automatic control Reglerteknik
4	Semantic-aware Stealthy Control Logic Infection Attack kalle, Sushma 06 August 2018 (has links) In this thesis work we present CLIK, a new, automated, remote attack on the control logic of a programmable logic controller (PLC) in industrial control systems. The CLIK attack modifies the control logic running in a remote target PLC automatically to disrupt a physical process. We implement the CLIK attack on a real PLC. The attack is initiated by subverting the security measures that protect the control logic in a PLC. We found a critical (zero-day) vulnerability, which allows the attacker to overwrite password hash in the PLC during the authentication process. Next, CLIK retrieves and decompiles the original logic and injects a malicious logic into it and then, transfers the infected logic back to the PLC. To hide the infection, we propose a virtual PLC that engages the software the virtual PLC intercepts the request and then, responds with the original (uninfected) control logic to the software. Information Security
5	Návrh zabezpečení průmyslového řídícího systému / Industrial control system security design Strnad, Matěj January 2019 (has links) The subject of the master's thesis is a design of security measures for securing of an industrial control system. It includes an analysis of characteristics of communication environment and specifics of industrial communication systems, a comparison of available technological means and a design of a solution according to investor's requirements.
6	Omni SCADA intrusion detection Gao, Jun 11 May 2020 (has links) We investigate deep learning based omni intrusion detection system (IDS) for supervisory control and data acquisition (SCADA) networks that are capable of detecting both temporally uncorrelated and correlated attacks. Regarding the IDSs developed in this paper, a feedforward neural network (FNN) can detect temporally uncorrelated attacks at an F1 of 99.967±0.005% but correlated attacks as low as 58±2%. In contrast, long-short term memory (LSTM) detects correlated attacks at 99.56±0.01% while uncorrelated attacks at 99.3±0.1%. Combining LSTM and FNN through an ensemble approach further improves the IDS performance with F1 of 99.68±0.04% regardless the temporal correlations among the data packets. / Graduate SCADA Industrial control system Modbus LSTM IDS Deep learning Recurrent neural network
7	The SAP Link: A Controller Architecture for Secure Industrial Control Systems Wyman, Matthew Cody 01 February 2019 (has links) Industrial Control Systems are essential to modern life. They are utilized in hundreds of processes including power distribution, water treatment, manufacturing, traffic management, and amusement park ride control. These systems are an essential part of modern life and if compromised, could result in significant economic loss, safety impacts, damage to the environment, and even loss of life. Unfortunately, many of these systems are not properly secured from a cyber attack. It is likely that a well-funded and motivated attack from a nation-state will successfully compromise an industrial control system's network. As cyber war becomes more prevalent, it is becoming more critical to find new and innovative ways to reduce the physical impacts from a cyber attack.This thesis presents a new architecture for a secure industrial controller. This architecture protects the integrity of the controller logic, including the safety logic which is responsible for keeping the process in a safe condition. In particular, it would prevent malicious or accidental modification or bypassing of the controller logic. This architecture divides the controller into three components; the logic controller, the interface controller and the SAP link. The logic controller is responsible for controlling the equipment and contains the safety logic. The interface controller communicates with the rest of the control system network. The Simple As Possible (SAP) link is a bridge between the logic and interface controllers that ensures the integrity of the logic controller by drastically limiting the external interface of the logic controller. We implement this new architecture on a physical controller to demonstrate the process of implementing the architecture and to demonstrate its feasibility. SCADA ICS security controller architecture industrial control system cyber war safety logic Electrical and Computer Engineering
8	Leveraging PLC Ladder Logic for Signature Based IDS Rule Generation Richey, Drew Jackson 12 August 2016 (has links) Industrial Control Systems (ICS) play a critical part in our world’s economy, supply chain and critical infrastructure. Securing the various types of ICS is of the utmost importance and has been a focus of much research for the last several years. At the heart of many defense in depth strategies is the signature based intrusion detection system (IDS). The signatures that define an IDS determine the effectiveness of the system. Existing methods for IDS signature creation do not leverage the information contained within the PLC ladder logic file. The ladder logic file is a rich source of information about the PLC control system. This thesis describes a method for parsing PLC ladder logic to extract address register information, data types and usage that can be used to better define the normal operation of the control system which will allow for rules to be created to detect abnormal activity. industrial control system security intrusion detection system signature based ids ladder logic
9	Robust Anomaly Detection in Critical Infrastructure Abdelaty, Maged Fathy Youssef 14 September 2022 (has links) Critical Infrastructures (CIs) such as water treatment plants, power grids and telecommunication networks are critical to the daily activities and well-being of our society. Disruption of such CIs would have catastrophic consequences for public safety and the national economy. Hence, these infrastructures have become major targets in the upsurge of cyberattacks. Defending against such attacks often depends on an arsenal of cyber-defence tools, including Machine Learning (ML)-based Anomaly Detection Systems (ADSs). These detection systems use ML models to learn the profile of the normal behaviour of a CI and classify deviations that go well beyond the normality profile as anomalies. However, ML methods are vulnerable to both adversarial and non-adversarial input perturbations. Adversarial perturbations are imperceptible noises added to the input data by an attacker to evade the classification mechanism. Non-adversarial perturbations can be a normal behaviour evolution as a result of changes in usage patterns or other characteristics and noisy data from normally degrading devices, generating a high rate of false positives. We first study the problem of ML-based ADSs being vulnerable to non-adversarial perturbations, which causes a high rate of false alarms. To address this problem, we propose an ADS called DAICS, based on a wide and deep learning model that is both adaptive to evolving normality and robust to noisy data normally emerging from the system. DAICS adapts the pre-trained model to new normality with a small number of data samples and a few gradient updates based on feedback from the operator on false alarms. The DAICS was evaluated on two datasets collected from real-world Industrial Control System (ICS) testbeds. The results show that the adaptation process is fast and that DAICS has an improved robustness compared to state-of-the-art approaches. We further investigated the problem of false-positive alarms in the ADSs. To address this problem, an extension of DAICS, called the SiFA framework, is proposed. The SiFA collects a buffer of historical false alarms and suppresses every new alarm that is similar to these false alarms. The proposed framework is evaluated using a dataset collected from a real-world ICS testbed. The evaluation results show that the SiFA can decrease the false alarm rate of DAICS by more than 80%. We also investigate the problem of ML-based network ADSs that are vulnerable to adversarial perturbations. In the case of network ADSs, attackers may use their knowledge of anomaly detection logic to generate malicious traffic that remains undetected. One way to solve this issue is to adopt adversarial training in which the training set is augmented with adversarially perturbed samples. This thesis presents an adversarial training approach called GADoT that leverages a Generative Adversarial Network (GAN) to generate adversarial samples for training. GADoT is validated in the scenario of an ADS detecting Distributed Denial of Service (DDoS) attacks, which have been witnessing an increase in volume and complexity. For a practical evaluation, the DDoS network traffic was perturbed to generate two datasets while fully preserving the semantics of the attack. The results show that adversaries can exploit their domain expertise to craft adversarial attacks without requiring knowledge of the underlying detection model. We then demonstrate that adversarial training using GADoT renders ML models more robust to adversarial perturbations. However, the evaluation of adversarial robustness is often susceptible to errors, leading to robustness overestimation. We investigate the problem of robustness overestimation in network ADSs and propose an adversarial attack called UPAS to evaluate the robustness of such ADSs. The UPAS attack perturbs the inter-arrival time between packets by injecting a random time delay before packets from the attacker. The attack is validated by perturbing malicious network traffic in a multi-attack dataset and used to evaluate the robustness of two robust ADSs, which are based on a denoising autoencoder and an adversarially trained ML model. The results demonstrate that the robustness of both ADSs is overestimated and that a standardised evaluation of robustness is needed. Anomaly Detection Deep Learning Robustne Industrial Control System Adversarial Training DDoS Attack
10	Predicting threat capability in control systems to enhance cybersecurity risk determination Price, Peyton 01 May 2020 (has links) Risk assessment is a critical aspect of all businesses, and leaders are tasked with limiting risk to the lowest reasonable level within their systems. Industrial Control Systems (ICS) operate in a different cybersecurity risk environment than business systems due to the possibility of second and third-order effects when an attack occurs. We present a process for predicting when an adversary gains the ability to attack an industrial control system. We assist leaders in understanding how attackers are targeting ICS by providing visualizations and percentages that can be applied to updating infrastructure or shifting personnel responsibilities to counter the threat. This new process seeks to integrate defenders and threat intelligence providers, allowing defenders to proactively defend their networks prior to devastating attacks. We apply the process by observing it under randomness with constraints and through a case study of the 2015 attack on the Ukrainian power grid. We find that this process answers the question of what an attacker can do, provides the ability for the defender to possess an updated understanding of the threat’s capability, and can both increase and decrease the probability that an attacker has a capability against a control system. This process will allow leaders to provide strategic vision to the businesses and systems that they manage. industrial control system risk threat capability prediction dempster combinations cyber physical systems

Search results