Stuxnet worm impact on industrial cyber-physical system security

IECON Proceedings (Industrial Electronics Conference)

Volumn , Issue , 2011, Pages 4490-4494

  Karnouskos, Stamatis ^a  

^a SAP RESEARCH   (Germany)

Author keywords

[No Author keywords available]

Indexed keywords

CYBER-PHYSICAL SYSTEMS; INDUSTRIAL SYSTEMS; MONITORING AND CONTROL SYSTEMS; OPERATING ENVIRONMENT; POTENTIAL THREATS; SECURITY CONSIDERATIONS; SENSE OF SECURITY; TECHNOLOGICAL CAPABILITY; WORM ATTACK;

CRITICAL INFRASTRUCTURES; EMBEDDED SYSTEMS; INDUSTRIAL ELECTRONICS; RISK ANALYSIS; RISK PERCEPTION;

INDUSTRY;

EID: 84856512439     PISSN: None     EISSN: None     Source Type: Conference Proceeding    
DOI: 10.1109/IECON.2011.6120048     Document Type: Conference Paper

References (29)

1. S. Karnouskos, "Cyber-Physical Systems in the SmartGrid," in IEEE 9th International Conference on Industrial Informatics (INDIN), Lisbon, Portugal, 26-29 Jul. 2011.
2. European Commission DG Information Society and Media, "Monitoring and control: today's market, its evolution till 2020 and the impact of ICT on these," Oct. 2008, workshop presentation. [Online]. Available: http://www.decision.eu/smart/SMART 9Octv2.pdf
3. T. Chen and S. Abu-Nimeh, "Lessons from stuxnet," Computer, vol. 44, no. 4, pp. 91-93, 2011.
4. "Stuxnet." [Online]. Available: https://secure.wikimedia.org/ wikipedia/ en/wiki/Stuxnet#cite note-5
5. S. Karnouskos and A. W. Colombo, "Architecting the next generation of service-based SCADA/DCS system of systems," in 37th Annual Conference of the IEEE Industrial Electronics Society (IECON 2011), Melbourne, Australia., 7-10 Nov 2011. [Online]. Available: http://sites.google.com/site/karnouskos/ files/2011IECONngSCADA.pdf
6. N. Falliere, L. O. Murchu, and E. Chien, "W32.stuxnet dossier," Symantec, Tech. Rep., Feb. 2011. [Online]. Available: http://www.symantec.com/ content/en/us/enterprise/media/security response/whitepapers/w32 stuxnet dossier.pdf
7. A. Matrosov, E. Rodionov, D. Harley, and J. Malcho, "Stuxnet under the microscope," eset, Tech. Rep., 2010. [Online]. Available: http://www.eset.com/resources/white-papers/StuxnetUndertheMicroscope.pdf
8. D. Beresford, "Exploiting Siemens Simatic S7 PLCs," in Black Hat USA+2011, Las Vegas, NV, USA, 3-4 Aug. 2011. [Online]. Available: https://media.blackhat.com/bh-us-11/Beresford/BHUS11BeresfordS7PLCsWP.pdf
9. J. Clark, S. Leblanc, and S. Knight, "Compromise through usb-based hardware trojan horse device," Future Gener. Comput. Syst., vol. 27, pp. 555-563, May 2011. [Online]. Available: http://dx.doi.org/10.1016/j.future.2010. 04.008
10. A. Davis, "USB - undermining security barriers," in Black Hat USA+2011, Las Vegas, NV, USA, 3-4 Aug. 2011. [Online]. Available: https://media.blackhat.com/bh-us-11/Davis/BHUS11-DavisUSBWP.pdf
11. L. Duflot, Y.-A. Perez, G. Valadon, and O. Levillain, "Can you still trust your network card?" CanSecWest 2010, Vancouver, Canada, 22-26 Mar. 2010. [Online]. Available: http://www.ssi.gouv.fr/IMG/pdf/ csw-trustnetworkcard. pdf
12. C. Miller, "Battery firmware hacking," in Black Hat USA+2011, Las Vegas, NV, USA, 3-4 Aug. 2011. [Online]. Available: https://media.blackhat. com/bh-us-11/Miller/BHUS11MillerBatteryFirmwarePublicWP.pdf
13. J. Clark, S. Leblanc, and S. Knight, "Hardware trojan horse device based on unintended usb channels," in Proceedings of the 2009 Third International Conference on Network and System Security, ser. NSS '09. Washington, DC, USA: IEEE Computer Society, 2009, pp. 1-8. [Online]. Available: http://dx.doi.org/10.1109/NSS.2009.48
14. S. T. King, J. Tucek, A. Cozzie, C. Grier, W. Jiang, and Y. Zhou, "Designing and implementing malicious hardware," in Proceedings of the 1st Usenix Workshop on Large-Scale Exploits and Emergent Threats. Berkeley, CA, USA: USENIX Association, 2008, pp. 5:1-5:8. [Online]. Available: http://dl.acm.org/citation.cfm?id=1387709.1387714
15. M. Amanullah, A. Kalam, and A. Zayegh, "Network security vulnerabilities in scada and ems," in Transmission and Distribution Conference and Exhibition: Asia and Pacific, 2005 IEEE/PES. IEEE, 2005, pp. 1-6.
16. P. J. Marrón, S. Karnouskos, D. Minder, and A. Ollero, Eds., The emerging domain of Cooperating Objects. Springer, 2011. [Online]. Available: http://www.springer.com/engineering/signals/book/ 978-3-642-16945-8
17. R. Barbosa and A. Pras, "Intrusion detection in scada networks," Mechanisms for Autonomous Management of Networks and Services, pp. 163-166, 2010.
18. N. Cai, J. Wang, and X. Yu, "SCADA system security: Complexity, history and new developments," in 6th IEEE International Conference on Industrial Informatics (INDIN), Daejeon, Korea, 13-16 Jul. 2008, pp. 569-574.
19. W. Gao, T. Morris, B. Reaves, and D. Richey, "On scada control system command and response injection and intrusion detection," in eCrime Researchers Summit (eCrime), 2010, oct. 2010, pp. 1 -9.
20. S. Karnouskos, D. Savio, P. Spiess, D. Guinard, V. Trifa, and O. Baecker, "Real World Service Interaction with Enterprise Systems in Dynamic Manufacturing Environments," in Artificial Intelligence Techniques for Networked Manufacturing Enterprises Management, L. Benyoucef and B. Grabot, Eds. Springer, 2010, no. ISBN 978-1-84996-118-9, (in press).
21. D. Idoughi, M. Kerkar, and C. Kolski, "Towards new web services based supervisory systems in complex industrial organizations: Basic principles and case study," Comput. Ind., vol. 61, pp. 235-249, April 2010.
22. J. Song, S. Jung, and S. Kim, "Study on the future internet system through analysis of scada systems," Communication and Networking, pp. 10-14, 2010.
23. Z. Vale, H. Morais, M. Silva, and C. Ramos, "Towards a future scada," in Power & Energy Society General Meeting, 2009. PES'09. IEEE. IEEE, 2009, pp. 1-7.
24. P. Kennedy, V. Bapat, and P. Kurchina, In Pursuit of the Perfect Plant. Evolved Technologist, 2008.
25. A. W. Colombo and S. Karnouskos, "Towards the factory of the future: A service-oriented cross-layer infrastructure," in ICT Shaping the World: A Scientific View. European Telecommunications Standards Institute (ETSI), John Wiley and Sons, 2009, vol. 65-81.
26. M. Jamshidi, Ed., Systems of Systems Engineering: Principles and Applications. CRC Press, Nov. 2008.
27. D. Alperovitch, "Revealed: Operation Shady RAT," McAfee Labs, Tech. Rep., Aug. 2011. [Online]. Available: http://www.mcafee.com/us/resources/ white-papers/wp-operation-shady-rat.pdf
28. J. Farwell and R. Rohozinski, "Stuxnet and the future of cyber war," Survival, vol. 53, no. 1, pp. 23-40, 2011.
29. K. Stouffer, J. Falco, and K. Scarfone, "Guide to industrial control systems (ics) security," National Institute of Standards and Technology (NIST), U.S. Department of Commerce, Tech. Rep. NIST Special Publication 800-82, Jun. 2011. [Online]. Available: http://csrc.nist.gov/publications/nistpubs/800- 82/SP800-82-final.pdf