Global ETD Search

11	Using High-level Synthesis to Predict and Preempt Attacks on Industrial Control Systems Franklin, Zane Ryan 21 April 2014 (has links) As the rate and severity of malicious software attacks have escalated, industrial control systems (ICSes) have emerged as a particularly vulnerable target. ICSes govern the automation of the physical processes in industries such as power, water, oil and manufacturing. In contrast to the personal computing space, where attackers attempt to capture information or computing resources, the attacks directed at ICSes aim to degrade or destroy the physical processes or plants maintained by the ICS. Exploits with potentially catastrophic results are sold on brokerages to any interested party. Previous efforts in ICS security implicitly and mistakenly trust internal software. This thesis presents an architecture for trust enhancement of critical embedded processes (TECEP). TECEP assumes that all software can be or has already been compromised. Trust is instead placed in hardware that is invisible to any malicious software. Software processes critical for stable operation are duplicated in hardware, along with a supervisory process to monitor the behavior of the plant. Furthermore, a copy of the software and a model of the plant are implemented in hardware in order to estimate the system's future behavior. In the event of an attack, the hardware can successfully identify the plant's abnormal behavior in either the present or the future and supersede the software's directives, allowing the plant to continue functioning correctly. This approach to ICS security can be retrofitted to existing ICSes, has minimal impact on the ICS design process, and modestly increases hardware requirements in a programmable system-on-chip. / Master of Science Industrial control systems security reconfigurable platform high-level synthesis system-on-chip
12	Preemptive Detection of Cyber Attacks on Industrial Control Systems Harshe, Omkar Anand 01 July 2015 (has links) Industrial Control Systems (ICSes), networked through conventional IT infrastructures, are vulnerable to attacks originating from network channels. Perimeter security techniques such as access control and firewalls have had limited success in mitigating such attacks due to the frequent updates required by standard computing platforms, third-party hardware and embedded process controllers. The high level of human-machine interaction also aids in circumventing perimeter defenses, making an ICS susceptible to attacks such as reprogramming of embedded controllers. The Stuxnet and Aurora attacks have demonstrated the vulnerabilities of ICS security and proved that these systems can be stealthily compromised. We present several run-time methods for preemptive intrusion detection in industrial control systems to enhance ICS security against reconfiguration and network attacks. A run-time prediction using a linear model of the physical plant and a neural-network based classifier trigger mechanism are proposed for preemptive detection of an attack. A standalone, safety preserving, optimal backup controller is implemented to ensure plant safety in case of an attack. The intrusion detection mechanism and the backup controller are instantiated in configurable hardware, making them invisible to operating software and ensuring their integrity in the presence of malicious software. Hardware implementation of our approach on an inverted pendulum system illustrates the performance of both techniques in the presence of reconfiguration and network attacks. / Master of Science Industrial control systems malware resilience real-time prediction classifier-based intrusion detection
13	THE APPLICATION OF AUTONOMIC COMPUTING FOR THE PROTECTION OF INDUSTRIAL CONTROL SYSTEMS Cox, Donald Patrick January 2011 (has links) Critical infrastructures are defined as the basic facilities, services and utilities needed to support the functioning of society. For over three-thousand years, civil engineers have built these infrastructures to ensure that needed services and products are available to make mankind more comfortable, secure and productive. Modern infrastructure control systems are vulnerable to disruption from natural disaster, accident, negligent operation and intentional cyber assaults from malicious agents. Many critical processes within our infrastructures are continuous (e.g., electric power, etc.) and cannot be interrupted without consequence to industry and the public. Failure to protect the critical infrastructure from cyber assaults will result in physical, economic and social impacts, extending from the local to the national level. Cyber weapons have shown that harm to infrastructures can occur before system operators have time to determine the source.We present the thesis that infrastructure control systems can employ autonomic computing technology to detect anomalies and mitigate process disruption. Specifically we focus on: 1) autonomic computing algorithms that can be integrated into control systems and networks to detect and respond to anomalies; 2) autonomic technology capable of detecting and blocking infrastructure controller commands, that if executed, would result in process disruption; 3) design and construction of a prototype Autonomic Critical Infrastructure Protection appliance (ACIP) for integration and testing of autonomic algorithms; and 4) the design and construction of a test bed capable of modeling critical infrastructures and related control systems and processes for the purpose of testing and demonstrating new autonomic technologies.We report on the development of a new, multi-dimension ontology that organizes cyber assault methodologies correlated with perpetrator motivation and goals. Using this ontology, we create a theoretical framework to identify the integration points for protective technology within infrastructure control systems. We have created a unique modeling and simulation test bed for critical infrastructure systems and processes, and a prototype autonomic computing appliance. Through this work, we have developed an expanded understanding of autonomic computing theory and its application to controls systems. We also, through experimentation, prove the thesis and establish a roadmap for future research. industrial control systems information Technology programmable controller SCADA Electrical & Computer Engineering autonomic computing critical infrastructure protection
14	A Novel Approach to Determining Real-Time Risk Probabilities in Critical Infrastructure Industrial Control Systems Elrod, Michael 01 January 2017 (has links) Critical Infrastructure Industrial Control Systems are substantially different from their more common and ubiquitous information technology system counterparts. Industrial control systems, such as distributed control systems and supervisory control and data acquisition systems that are used for controlling the power grid, were not originally designed with security in mind. Geographically dispersed distribution, an unfortunate reliance on legacy systems and stringent availability requirements raise significant cybersecurity concerns regarding electric reliability while constricting the feasibility of many security controls. Recent North American Electric Reliability Corporation Critical Infrastructure Protection standards heavily emphasize cybersecurity concerns and specifically require entities to categorize and identify their Bulk Electric System cyber systems; and, have periodic vulnerability assessments performed on those systems. These concerns have produced an increase in the need for more Critical Infrastructure Industrial Control Systems specific cybersecurity research. Industry stakeholders have embraced the development of a large-scale test environment through the Department of Energy’s National Supervisory Control and Data Acquisition Test-bed program; however, few individuals have access to this program. This research developed a physical industrial control system test-bed on a smaller-scale that provided an environment for modeling a simulated critical infrastructure sector performing a set of automated processes for the purpose of exploring solutions and studying concepts related to compromising control systems by way of process-tampering through code exploitation, as well as, the ability to passively and subsequently identify any risks resulting from such an event. Relative to the specific step being performed within a production cycle, at a moment in time when sensory data samples were captured and analyzed, it was possible to determine the probability of a real-time risk to a mock Critical Infrastructure Industrial Control System by comparing the sample values to those derived from a previously established baseline. This research achieved such a goal by implementing a passive, spatial and task-based segregated sensor network, running in parallel to the active control system process for monitoring and detecting risk, and effectively identified a real-time risk probability within a Critical Infrastructure Industrial Control System Test-bed. The practicality of this research ranges from determining on-demand real-time risk probabilities during an automated process, to employing baseline monitoring techniques for discovering systems, or components thereof, exploited along the supply chain. Critical Infrastructure Security ICS ICS test-bed Industrial Control Systems Parallel Risk Monitoring Risk Assessment Methodology Computer Sciences
15	Industrial Internet of Things : En analys av hot och sårbarheter i industriella verksamheter Johnsson, Daniel, Krohn, Lina January 2019 (has links) Today the digital evolution is progressing rapidly. This entails both pros and cons concerning the security of devices. Despite the evolution, security has been left in the dark. This results in threats and vulnerabilities in devices, which could potentially be used by a hacker with the purpose of exploiting information. Security has not been a priority in industrial enterprises, even though industrial devices and other networked devices reside on the same network. The evolution of the infrastructure of the Internet has resulted in an increase of cyberattacks. These attacks used to target random individuals. The attacks of today are more intelligent, and hackers have changed their targets to specific enterprises to further exploit sensitive information, damage devices or for financial benefits. Safety in today’s industrial workplaces, such as firewalls, encryption and intrusion detection systems are not specifically designed to work in this type of environment. This leads to new threats and vulnerabilities which further leads to more exploited vulnerabilities. This formulate the following questions: Which are the most occurring threats and vulnerabilities today? What current methods and tools are suited for controlling security in IIoT-networks and its internal industrial devices? The purpose of this thesis was to examine the most occurring threats and vulnerabilities in IIoT-networks and its internal devices and reason among the methods to evaluate security in industrial enterprises. Lastly, an experiment in a real industrial workplace was conducted to attain a nuanced picture of the implementation of finding threats and vulnerabilities in industrial systems. In summary, there are a lot of different threats and vulnerabilities divided into categories and many tools are available to ensure the vulnerability. To conduct a test to find threats and vulnerabilities in an industrial enterprise, it needs to be ethically correct and the consequences carefully considered. The result of this thesis is a mapping and a demonstration of how threats and vulnerabilities are detected in an industrial workplace. Internet of Things Industrial Internet of Things SCADA Industrial Control Systems Övrig annan teknik
16	Toward Cyber-Secure and Resilient Networked Control Systems Teixeira, André January 2014 (has links) Resilience is the ability to maintain acceptable levels of operation in the presence of abnormal conditions. It is an essential property in industrial control systems, which are the backbone of several critical infrastructures. The trend towards using pervasive information technology systems, such as the Internet, results in control systems becoming increasingly vulnerable to cyber threats. Traditional cyber security does not consider the interdependencies between the physical components and the cyber systems. On the other hand, control-theoretic approaches typically deal with independent disturbances and faults, thus they are not tailored to handle cyber threats. Theory and tools to analyze and build control system resilience are, therefore, lacking and in need to be developed. This thesis contributes towards a framework for analyzing and building resilient control systems. First, a conceptual model for networked control systems with malicious adversaries is introduced. In this model, the adversary aims at disrupting the system behavior while remaining undetected by an anomaly detector The adversary is constrained in terms of the available model knowledge, disclosure resources, and disruption capabilities. These resources may correspond to the anomaly detector’s algorithm, sniffers of private data, and spoofers of control commands, respectively. Second, we address security and resilience under the perspective of risk management, where the notion of risk is defined in terms of a threat’s scenario, impact, and likelihood. Quantitative tools to analyze risk are proposed. They take into account both the likelihood and impact of threats. Attack scenarios with high impact are identified using the proposed tools, e.g., zero-dynamics attacks are analyzed in detail. The problem of revealing attacks is also addressed. Their stealthiness is characterized, and how to detect them by modifying the system’s structure is also described. As our third contribution, we propose distributed fault detection and isolation schemes to detect physical and cyber threats on interconnected second-order linear systems. A distributed scheme based on unknown input observers is designed to jointly detect and isolate threats that may occur on the network edges or nodes. Additionally, we propose a distributed scheme based on local models and measurements that is resilient to changes outside the local subsystem. The complexity of the proposed methods is decreased by reducing the number of monitoring nodes and by characterizing the minimum amount of model information and measurements needed to achieve fault detection and isolation. Finally, we tackle the problem of distributed reconfiguration under sensor and actuator faults. In particular, we consider a control system with redundant sensors and actuators cooperating to recover from the removal of individual nodes. The proposed scheme minimizes a quadratic cost while satisfying a model-matching condition, which maintains the nominal closed-loop behavior after faults. Stability of the closed-loop system under the proposed scheme is analyzed. / Ett resilient system har förmågan att återhämta sig efter en kraftig och oväntad störning. Resiliens är en viktig egenskap hos industriella styrsystem som utgör en viktig komponent i många kritiska infrastrukturer, såsom processindustri och elkraftnät. Trenden att använda storskaliga IT-system, såsom Internet, inom styrsystem resulterar i en ökad sårbarhet för cyberhot. Traditionell IT-säkerhet tar inte hänsyn till den speciella koppling mellan fysikaliska komponenter och ITsystem som finns inom styrsystem. Å andra sidan så brukar traditionell reglerteknik fokusera på att hantera naturliga fel och inte cybersårbarheter. Teori och verktyg för resilienta och cybersäkra styrsystem saknas därför och behöver utvecklas. Denna avhandling bidrar till att ta fram ett ramverk för att analysera och konstruera just sådana styrsystem. Först så tar vi fram en representativ abstrakt modell för nätverkade styrsystem som består av fyra komponenter: den fysikaliska processen med sensorer och ställdon, kommunikationsnätet, det digitala styrsystemet och en feldetektor. Sedan införs en konceptuell modell för attacker gentemot det nätverkade styrsystemet. I modellen så beskrivs attacker som försöker undgå att skapa alarm i feldetektorn men ändå stör den fysikaliska processen. Dessutom så utgår modellen ifrån att den som utför attacken har begränsade resurser i fråga om modellkännedom och kommunikationskanaler. Det beskrivna ramverket används sedan för att studera resilens gentemot attackerna genom en riskanalys, där risk definieras utifrån ett hots scenario, konsekvenser och sannolikhet. Kvantitativa metoder för att uppskatta attackernas konsekvenser och sannolikheter tas fram, och speciellt visas hur hot med hög risk kan identifieras och motverkas. Resultaten i avhandlingen illustreras med ett flertal numeriska och praktiska exempel. / <p>QC 20141016</p> Cyber Security Resilience Industrial Control Systems Fault-Tolerant Systems Risk Management Cyber säkerhet Resiliens Industriella Styrsystem Riskanalys
17	Zachytávání kybernetických hrozeb industriálních systémů / Capturing cyber-threats of industrial systems Dobrík, Andrej January 2020 (has links) S vedomím že kybernetické útoky stoja korporácie každoročne miliardy, počínajúc neoprávnenými útokmi, distribuovanými útokmi odmietnutia služieb (DDOS) až po vírusy a počítačové červy atď., prichádza problém s nástrojmi, ktoré majú k dispozícii správcovia systému. Táto diplomová práca sa venuje skúmaniu jedného z takýchto nástrojov, Honeypot. Presnejšie, Honeypot zariadeniam pre priemyselné riadiace systémy. Od historicky počiatočných implementácií takýchto systémov, cez analýzu súčasných riešení až po vytvorenie nového riešenia Honeypot, s vysokou mierou interakcie a následným nasadením na nový virtuálny súkromný server, po ktorom nasleduje analýza narušení, ktoré sa vyskytnú počas obdobia nasadenia.
18	Optimal and Resilient Control with Applications in Smart Distribution Grids Paridari, Kaveh January 2016 (has links) The electric power industry and society are facing the challenges and opportunities of transforming the present power grid into a smart grid. To meet these challenges, new types of control systems are connected over IT infrastructures. While this is done to meet highly set economical and environmental goals, it also introduces new sources of uncertainty in the control loops. In this thesis, we consider control design taking some of these uncertainties into account. In Part I of the thesis, some economical and environmental concerns in smart grids are taken into account, and a scheduling framework for static loads (e.g., smart appliances in residential areas) and dynamic loads (e.g., energy storage systems) in the distribution level is investigated. A robust formulation is proposed taking the user behavior uncertainty into account, so that the optimal scheduling cost is less sensitive to unpredictable changes in user preferences. In addition, a novel distributed algorithm for the studied scheduling framework is proposed, which aims at minimizing the aggregated electricity cost of a network of apartments sharing an energy storage system. We point out that the proposed scheduling framework is applicable to various uncertainty sources, storage technologies, and programmable electrical loads. In Part II of the thesis, we study smart grid uncertainty resulting from possible security threats. Smart grids are one of the most complex cyber-physical systems considered, and are vulnerable to various cyber and physical attacks. The attack scenarios consider cyber adversaries that may corrupt a few measurements and reference signals, which may degrade the system’s reliability and even destabilize the voltage magnitudes. In addition, a practical attack-resilient framework for networked control systems is proposed. This framework includes security information analytics to detect attacks and a resiliency policy to improve the performance of the system running under the attack. Stability and optimal performance of the networked control system under attack and by applying the proposed framework, is proved here. The framework has been applied to an energy management system and its efficiency is demonstrated on a critical attack scenario. / <p>QC 20160830</p> Resilient Control Robust Control Optimal Control Smart Distribution Grid Industrial Control Systems Microgrids Demand Response Energy Control Engineering Reglerteknik
19	Assessment and enforcement of wireless sensor network-based SCADA systems security / Évaluation et mise en oeuvre de la sécurité dans les systèmes SCADA à base de réseaux de capteurs sans fil Bayou, Lyes 19 June 2018 (has links) La sécurité des systèmes de contrôle industriel est une préoccupation majeure. En effet, ces systèmes gèrent des installations qui jouent un rôle économique important. En outre, attaquer ces systèmes peut non seulement entraîner des pertes économiques, mais aussi menacer des vies humaines. Par conséquent, et comme ces systèmes dépendent des données collectées, il devient évident qu’en plus des exigences de temps réel, il est important de sécuriser les canaux de communication entre ces capteurs et les contrôleurs principaux. Ces problèmes sont plus difficiles à résoudre dans les réseaux de capteurs sans fil (WSN). Cette thèse a pour but d’aborder les questions de sécurité des WSN. Tout d’abord, nous effectuons une étude de sécurité approfondie du protocole WirelessHART. Ce dernier est le protocole leader pour les réseaux de capteurs sans fil industriels (WISN). Nous évaluons ses forces et soulignons ses faiblesses et ses limites. En particulier, nous décrivons deux vulnérabilités de sécurité dangereuses dans son schéma de communication et proposons des améliorations afin d’y remédier. Ensuite, nous présentons wIDS, un système de détection d’intrusion (IDS) multicouches qui se base sur les spécifications, spécialement développé pour les réseaux de capteurs sans fil industriels. L’IDS proposé vérifie la conformité de chaque action effectuée par un noeud sans fil sur la base d’un modèle formel du comportement normal attendu. / The security in Industrial Control Systems is a major concern. Indeed, these systems manage installations that play an important economical role. Furthermore, targeting these systems can lead not only to economical losses but can also threaten human lives. Therefore, and as these systems depend on sensing data, it becomes obvious that additionally to real-time requirement, it is important to secure communication channels between these sensors and the main controllers. These issues are more challenging inWireless Sensor Networks (WSN) as the use of wireless communications brings its own security weaknesses. This thesis aims to address WSN-based security issues. Firstly, we conduct an in-deep security study of the WirelessHART protocol. This latter is the leading protocol for Wireless Industrial Sensor Networks (WISN) and is the first international approved standard. We assess its strengths and emphasize its weaknesses and limitations. In particular, we describe two harmful security vulnerabilities in the communication scheme of WirelessHART and propose improvement in order to mitigate them. Secondly, we present wIDS, a multilayer specification based Intrusion Detection System (IDS) specially tailored for Wireless Industrial Sensor Networks. The proposed IDS checks the compliance of each action performed by a wireless node based on a formal model of the expected normal behavior. Systèmes industriels Réseaux de capteurs sans fil WirelessHART Analyse de protocoles Détection d’intrusions Industrial Control Systems Wireless Sensor Networks WirelessHART Protocol analysis Intrusion Detection 004
20	Risk monitoring with intrusion detection for industrial control systems / Surveillance des risques avec détection d'intrusion pour les systèmes de contrôle industriels Muller, Steve 26 June 2018 (has links) Les cyberattaques contre les infrastructures critiques telles que la distribution d'électricité, de gaz et d'eau ou les centrales électriques sont de plus en plus considérées comme une menace pertinente et réaliste pour la société européenne. Alors que des solutions éprouvées comme les applications antimalware, les systèmes de détection d'intrusion (IDS) et même les systèmes de prévention d'intrusion ou d'auto-cicatrisation ont été conçus pour des systèmes informatiques classiques, ces techniques n'ont été que partiellement adaptées au monde des systèmes de contrôle industriel. En conséquence, les organisations et les pays font recours à la gestion des risques pour comprendre les risques auxquels ils sont confrontés. La tendance actuelle est de combiner la gestion des risques avec la surveillance en temps réel pour permettre des réactions rapides en cas d'attaques. Cette thèse vise à fournir des techniques qui aident les responsables de la sécurité à passer d'une analyse de risque statique à une plateforme de surveillance des risques dynamique et en temps réel. La surveillance des risques comprend trois étapes, chacune étant traitée en détail dans cette thèse : la collecte d'informations sur les risques, la notification des événements de sécurité et, enfin, l'inclusion de ces informations en temps réel dans une analyse des risques. La première étape consiste à concevoir des agents qui détectent les incidents dans le système. Dans cette thèse, un système de détection d'intrusion est développé à cette fin, qui se concentre sur une menace persistante avancée (APT) qui cible particulièrement les infrastructures critiques. La deuxième étape consiste à traduire les informations techniques en notions de risque plus abstraites, qui peuvent ensuite être utilisées dans le cadre d'une analyse des risques. Dans la dernière étape, les informations collectées auprès des différentes sources sont corrélées de manière à obtenir le risque auquel l'ensemble du système est confronté. Les environnements industriels étant caractérisés par de nombreuses interdépendances, un modèle de dépendance est élaboré qui prend en compte les dépendances lors de l'estimation du risque. / Cyber-attacks on critical infrastructure such as electricity, gas, and water distribution, or power plants, are more and more considered to be a relevant and realistic threat to the European society. Whereas mature solutions like anti-malwareapplications, intrusion detection systems (IDS) and even intrusion prevention or self-healing systems have been designed for classic computer systems, these techniques have only been partially adapted to the world of Industrial ControlSystems (ICS). As a consequence, organisations and nations fall back upon risk management to understand the risks that they are facing. Today's trend is to combine risk management with real-time monitoring to enable prompt reactions in case of attacks. This thesis aims at providing techniques that assist security managers in migrating from a static risk analysis to areal-time and dynamic risk monitoring platform. Risk monitoring encompasses three steps, each being addressed in detail in this thesis: the collection of risk-related information, the reporting of security events, and finally the inclusion of this real time information into a risk analysis. The first step consists in designing agents that detect incidents in the system. In this thesis, an intrusion detection system is developed to this end, which focuses on an advanced persistent threat (APT) that particularly targets critical infrastructures. The second step copes with the translation of the obtained technical information in more abstract notions of risk, which can then be used in the context of a risk analysis. In the final step, the information collected from the various sources is correlated so as to obtain the risk faced by the entire system. Since industrial environments are characterised by many interdependencies, a dependency model is elaborated which takes dependencies into account when the risk is estimated. Gestion de risque en temps réel Surveillance des risques Modélisation de dépendances Systèmes industriels Détection d'intrusions Real-Time risk management Risk monitoring Dependency modelling Industrial control systems Intrusion detection 004

Search results