Review of security issues in industrial networks

IEEE Transactions on Industrial Informatics

Volumn 9, Issue 1, 2013, Pages 277-293

  Cheminod, Manuel ^a   Durante, Luca ^a   Valenzano, Adriano ^a  

^a Istituto Di Elettronica E Di Ingegneria Dell'informazione E Delle Telecomunicazioni Turin   (Italy)

Author keywords

Industrial networks; information security; network security; risk assessment; security analysis and monitoring; security countermeasures

Indexed keywords

CLASSICAL APPROACH; CURRENT SITUATION; CYBER THREATS; DISTRIBUTED COMPUTING SYSTEMS; DISTRIBUTED INFORMATION; INDUSTRIAL COMPUTERS; INDUSTRIAL NETWORKS; INDUSTRIAL SYSTEMS; KEY ELEMENTS; PHYSICAL SYSTEMS; SATISFACTORY DEGREE; SECURITY ANALYSIS; SECURITY COUNTERMEASURES; SECURITY ISSUES; SECURITY POINT; SECURITY RISKS; STATE OF THE ART; SYSTEM CHARACTERISTICS;

DISTRIBUTED PARAMETER NETWORKS; INDUSTRY; INFORMATION TECHNOLOGY; RISK ASSESSMENT; SECURITY OF DATA;

NETWORK SECURITY;

EID: 84871964962     PISSN: 15513203     EISSN: None     Source Type: Journal    
DOI: 10.1109/TII.2012.2198666     Document Type: Article

References (105)

1. Security for Industrial Automation and Control Systems Part 1: Terminology, Concepts, Models, ANSI/ISA Std. 99.00.01-2007.
2. K. Stouffer, J. Falco, and K. Scarfone, "Guide to Industrial Control Systems (ICS) Security," NIST SP 800-82, 2008.
3. D. Dzung, M. Naedele, T. P. von Hoff, and M. Crevatin, "Security for industrial control systems," Proc. IEEE, vol. 93, no. 6, pp. 1152-1177, Jun. 2005.
4. G. N. Ericsson, "Cyber security and power system communication-Essential parts of a smart grid infrastructure," IEEE Trans. Power Del., vol. 25, no. 3, pp. 1501-1507, Aug. 2010.
5. L. Piètre-Cambacédès, M. Tritschler, and G. N. Ericsson, "Cybersecurity myths on power control systems: 21 misconceptions and false beliefs," IEEE Trans. Power Del., vol. 26, no. 1, pp. 161-172, Feb. 2011.
6. Information Technology-Security Techniques-Information Security Management Systems-Requirements, ISO/IEC Std. 27 001, 2005.
7. "Reliability Standards-CIP (Critical Infrastructure Protection)," NERC (North American Electric Reliability Corp.).
8. R. C. Parks and E. Rogers, "Vulnerability assessment for critical infrastructure control systems," IEEE Security Privacy, vol. 6, no. 6, pp. 37-43, 2008.
9. "AGA 12 Part 1-Cryptographic Protection of SCADA Communications Part 1: Background, Policies and Test Plan," Amer. Gas Assoc., 2006.
10. "AGA 12 Part 2-Performance Test Plan," Amer. Gas Assoc., 2006.
11. "Electronic Records; Electronic Signatures (21CFR11). Code of Federal Regulations, Title 21, Volume 1 Part 11," U.S. Food & Drug Admin.-Dept. of Health & Human Services, 2001.
12. "Recommended Security Controls for Federal Information Systems and Organizations," NIST SP 800-53 rev. 3, 2010.
13. Security for Industrial Automation and Control Systems: Establishing an Industrial Automation and Control Systems Security Program, ANSI/ISA Std. 99.02.01-2009.
14. Minimum Security Requirements for Federal Information and Information Systems, NIST Std. FIPS 200, 2006.
15. Information Technology-Security Techniques-Information Security Management Systems-Overview and Vocabulary, ISO/IEC Std. 27 000, 2009.
16. Information Technology-Security Techniques-Code of Practice for Information Security Management, ISO/IEC Std. 27 002, 2005.
17. Information Technology-Security Techniques-Information Security Management Guidelines for Telecommunications Organizations Based on ISO/IEC 27002, ISO/IEC Std. 27 011, 2008.
18. Health Informatics-Information Security Management in Health Using ISO/IEC 27002, ISO/IEC Std. 27 799, 2008.
19. "Guide for Applying the Risk Management Framework to Federal Information Systems-A Security Life Cycle Approach," NIST SP 800-37 rev. 1, 2010.
20. Information Technology-Security Techniques-Information Security Risk Management, ISO/IEC Std. 27 005, 2008.
21. "Managing Information Security Risk-Organization, Mission, Information System View," NIST SP 800-39, 2011.
22. Information Technology-Security Techniques-Information Security Management-Measurement, ISO/IEC Std. 27 004, 2009.
23. E. Chew, M. Swanson, K. Stine, N. Bartol, A. Brown, and W. Robinson, "Performance Measurement Guide for Information Security," NIST SP 800-55 rev. 1, 2008.
24. ANSI/ISA, "Security Technologies for IndustrialAutomation and Control Systems," Tech. Rep. TR99.00.01-2007, 2007.
25. Information Technology-Security Techniques-Information Security Management System Implementation Guidance, ISO/IEC Std. 27 003, 2010.
26. G. N. Ericsson, "Information security for electric power utilities (EPUs)-CIGRé Developments on frameworks, risk assessment, technology," IEEE Trans. Power Del., vol. 24, no. 3, pp. 1174-1181, Aug. 2009.
27. G. N. Ericsson, "Toward a framework for managing information security for an electric power utility-CIGRé experiences," IEEE Trans. Power Del., vol. 22, no. 3, pp. 1461-1469, Aug. 2007.
28. S. D. Guikema and T. Aven, "Assessing risk from intelligent attacks: A perspective on approaches," Reliabil. Eng. Syst. Safety, vol. 95, no. 5, pp. 478-483, 2010.
29. T. Aven, "A unified framework for risk and vulnerability analysis covering both safety and security," Reliabil. Eng. Syst. Safety, vol. 92, no. 6, pp. 745-754, 2007. (Pubitemid 46135958)
30. A. M. Koonce, G. E. Apostolakis, and B. K. Cook, "Bulk power risk analysis: Ranking infrastructure elements according to their risk significance," Int. J. Electr. Power Energy Syst., vol. 30, no. 3, pp. 169-183, 2008. (Pubitemid 351273806)
31. M. H. Henry, R. M. Layer,K. Z. Snow, and D. R. Zaret, "Evaluating the risk of cyber attacks on SCADA systems via Petri net analysis with application to hazardous liquid loading operations," in Proc. IEEE Conf. Technol. for Homeland Security, 2009, pp. 607-614.
32. S. M. Rinaldi, J. P. Peerenboom, and T. K. Kelly, "Identifying, understanding, analyzing critical infrastructure interdependencies," IEEE Control Syst. Mag., vol. 21, no. 6, pp. 11-25, 2001. (Pubitemid 34092056)
33. N. K. Svendsen and S. D.Wolthusen, "Connectivity models of interdependency in mixed-type critical infrastructure networks," Inf. Security Tech. Rep., vol. 12, no. 1, pp. 44-55, 2007. (Pubitemid 46829997)
34. W. Kröger, "Critical infrastructures at risk: A need for a new conceptual approach and extended analytical tools," Reliabil. Eng. Syst. Safety, vol. 93, no. 12, pp. 1781-1787, 2008.
35. E. Zio and G. Sansavini, "Modeling interdependent network systems for identifying cascade-safe operating margins," IEEE Trans. Reliabil., vol. 60, no. 1, pp. 94-101, Feb. 2011.
36. M. Ouyang, L. Hong, Z.-J. Mao, M.-H. Yu, and F. Qi, "A methodological approach to analyze vulnerability of interdependent infrastructures," Simulation Modelling Practice and Theory, vol. 17, no. 5, pp. 817-828, 2009.
37. C. W. Johnson and K. McLean, "Tools for local critical infrastructure protection: Computational support for identifying safety and security interdependencies between local critical infrastructures," in Proc. 3rd IET Int. Conf. Syst. Safety, 2008, pp. 1-6.
38. S. Patel and J. Zaveri, "A risk-assessment model for cyber attacks on information systems," J. Comput., vol. 5, no. 3, pp. 352-359, 2010.
39. P. A. S. Ralston, J. H. Graham, and J. L. Hieb, "Cyber security risk assessment for SCADA and DCS networks," ISA Trans., vol. 46, no. 4, pp. 583-594, 2007. (Pubitemid 47284077)
40. Y. Y. Haimes, "Hierarchical holographic modeling," IEEE Trans. Syst., Man, Cybern. A, vol. 11, no. 9, pp. 606-617, 1981.
41. K. G. Crowther and Y. Y. Haimes, "Application of the inoperability input-output model (IIM) for systemic risk assessment and management of interdependent infrastructures," Syst. Eng., vol. 8, no. 4, pp. 323-341, 2005. (Pubitemid 43081877)
42. H. Kumamoto and E. J. Henley, Probabilistic Risk Assessment and Management for Engineers and Scientists. New York: Wiley-IEEE Press, 2000.
43. "Probabilistic Risk Assessment Procedure Guide for NASA Managers and Practitioners," NASA/SP-2011-3421, 2nd ed., 2011.
44. Y. Y. Haimes, S. Kaplan, and J. H. Lambert, "Risk filtering, ranking, management framework using hierarchical holographic modeling," Risk Anal., vol. 22, no. 2, pp. 383-397, 2002. (Pubitemid 34533265)
45. D. J. Leversage and E. J. Byres, "Estimating a system's mean time-to-compromise," IEEE Security Privacy, vol. 6, no. 1, pp. 52-60, 2008. (Pubitemid 351229833)
46. R. Setola, S. De Porcellinis, and M. Sforna, "Critical infrastructure dependency assessment using the input-output inoperability model," Int. J. Critical Infrastructure Protection, vol. 2, no. 4, pp. 170-178, 2009.
47. G. Oliva, S. Panzieri, and R. Setola, "Agent-based input-output interdependency model," Int. J. Critical Infrastructure Protection, vol. 3, no. 2, pp. 76-82, 2010.
48. W. S. Lee, D. L. Grosh, F. A. Tillman, and C. H. Lie, "Fault tree analysis, methods, applications. A review," IEEE Trans. Reliabil., vol. REL-34, no. 3, pp. 194-203, 1985.
49. C.-W. Ten, G. Manimaran, and C.-C. Liu, "Cybersecurity for critical infrastructures: Attack and defensemodeling," IEEE Trans. Syst., Man, Cybern., vol. 40, no. 4, pp. 853-865, Apr. 2010.
50. B. Schneier, Secrets and Lies: Digital Security in a Networked World. New York: Wiley, 2000.
51. J. Andrews and S. Dunnett, "Event-tree analysis using binary decision diagrams," IEEE Trans. Rel., vol. 49, no. 2, pp. 230-238, 2000. (Pubitemid 32031222)
52. B.Wei, "A unified approach to failure mode, effects and criticality analysis (FMECA)," in Proc. Annu. Symp. Reliabil. Maintainability, 1991, pp. 260-271.
53. E. Babeshko, V. Kharchenko, and A. Gorbenko, "Applying F(I)MEA-technique for SCADA-based industrial control systems dependability assessment and ensuring," in Proc. 3rd Int. Conf. Dependability Comput. Syst., 2008, pp. 309-315.
54. F. Baiardi, C. Telmon, and D. Sgandurra, "Hierarchical, model-based risk management of critical infrastructures," Reliabil. Eng. Syst. Safety, vol. 94, no. 9, pp. 1403-1415, 2009.
55. A. Bobbio, E. Ciancamerla, S. Di Blasi, A. Iacomini, F. Mari, I. Melatti, M. Minichino, A. Scarlatti, E. Tronci, R. Terruggia, and E. Zendri, "Risk analysis via heterogeneous models of scada interconnecting power grids and telco networks," in Proc. 4th Int. Conf. Risks Security Internet Syst., 2009, pp. 90-97.
56. E. H. Spafford, "Cyber security: Assessing our vulnerabilities and developing an effective defense," in Proc. 2nd Annu. Workshop Inf. Privacy Nat. Security, 2009, vol. 5661, LNCS, pp. 20-33.
57. A. A. Cárdenas, S. Amin, and S. Sastry, "Research challenges for the security of control systems," in Proc. 3rd USENIX Workshop on Hot Topics in Security, 2008, pp. 1-6.
58. A. A. Cárdenas, S. Amin, B. Sinopoli, A. Giani, A. Perrig, and S. Sastry, "Challenges for Securing Cyber Physical Systems," in Proc. Int. Workshop Future Directions in Cyber-phys. Syst. Security, 2009 [Online]. Available: http://cimic.rutgers.edu/positionPapers/cps-security-challenges- Cardenas.pdf
59. A. A. Cárdenas, S. Amin, Z.-S. Lin, Y.-L. Huang, C.-Y. Huang, and S. Sastry, "Attacks against process control systems: Risk assessment, detection, response," in Proc. 6th ACM Symp. Inf., Comput. Commun. Security, 2011, pp. 355-366.
60. M. Cheminod, I. Cibrario Bertolotti, L. Durante, P.Maggi, D. Pozza, R. Sisto, and A. Valenzano, "Detecting chains of vulnerabilities in industrial networks," IEEE Trans. Ind. Informat., vol. 5, no. 2, pp. 181-193, 2009.
61. D. M. Nicol, W. H. Sanders, S. Singh, and M. Seri, "Usable global network access policy for process control systems," IEEE Security Privacy, vol. 6, no. 6, pp. 30-36, 2008.
62. M. Cheminod, I. Cibrario Bertolotti, L. Durante, and A. Valenzano, "Automatic analysis of security policies in industrial networks," in Proc. 8th IEEE Int. Workshop Factory Commun. Syst., 2010, pp. 109-118.
63. M. Cheminod, L. Durante, and A. Valenzano, "System configuration check against security policies in industrial networks," in Proc. 7th IEEE Int. Symp. Ind. Embedded Syst., 2012, pp. 247-256.
64. D. M. Nicol, W. H. Sanders, M. Seri, and S. Singh, "Experiences validating the access policy tool in industrial settings," in Proc. 43rd Hawaii Int. Conf. Syst. Sci., 2010, pp. 1-8.
65. T. Stephanou, "Assessing and Exploiting the Internal Security of an Organization," SANS Inst., 2001.
66. E. Nash, "Hackers Bigger Threat Than Rogue Staff," 2003. [Online]. Available: http://seclists.org/isn/2003/May/65
67. D. Reinelt and M. Wolframm, "Security in virtual automation networks," in Proc. 13th IEEE Int. Conf. Emerging Technol. Factory Automation, 2008, pp. 480-483.
68. X. Yuefei, R. Song, L. Korba, L. Wang, W. Shen, and S. Lang, "Distributed device networks with security constraints," IEEE Trans. Ind. Informat., vol. 1, no. 4, pp. 217-225, 2005. (Pubitemid 41729785)
69. R. Chandia, J. Gonzalez, T. Kilpatrick,M. Papa, and S. Shenoi, "Security strategies for SCADA networks," Critical Infrastructure Protection, ser. Int. Fed. Inf. Process., vol. 253, pp. 117-131, 2007.
70. D. Choi, H. Kim, D. Won, and S. Kim, "Advanced key-management architecture for secure SCADA communications," IEEE Trans. Power Del., vol. 24, no. 3, pp. 1154-1163, Aug. 2009.
71. D. Choi, S. Lee, D. Won, and S. Kim, "Efficient secure group communications for SCADA," IEEE Trans. Power Del., vol. 25, no. 2, pp. 714-722, May 2010.
72. Y. Wang, "sSCADA: Securing SCADA infrastructure communications, " Int. J. Commun. Netw. Distrib. Syst., vol. 6, no. 1, pp. 59-78, 2011.
73. M. Long and C.-H. J.Wu, "Energy-efficient and intrusion-resilient authentication for ubiquitous access to factory floor information," IEEE Trans. Ind. Informat., vol. 2, no. 1, pp. 40-47, 2006.
74. M. Lin, L. Xu, L. T. Yang, X. Qin, N. Zheng, Z. Wu, and M. Qiu, "Static security optimization for real-time systems," IEEE Trans. Ind. Informat., vol. 5, no. 1, pp. 22-37, 2009.
75. H. Okhravi and D. M. Nicol, "Application of trusted network technology to industrial control networks," Int. J. Critical Infrastructure Protection, vol. 2, no. 3, pp. 84-94, 2009.
76. A. A. Cárdenas, T. Roosta, and S. Sastry, "Rethinking security properties, threat models, the design space in sensor networks: A case study in SCADA systems," Ad Hoc Networks, vol. 7, no. 8, pp. 1434-1447, 2009.
77. C. Alcaraz and J. Lopez, "A security analysis for wireless sensor mesh networks in highly critical systems," IEEE Trans. Syst., Man, Cybern. C, vol. 40, no. 4, pp. 419-428, Apr. 2010.
78. Z. Karakehayov, "Security-Lifetime tradeoffs for wireless sensor networks," in Proc. 12th IEEE Int. Conf. Emerging Technol. Factory Automation, 2007, pp. 646-650.
79. C.-C. Lee, M.-S. Hwang, and I.-E. Liao, "Security enhancement on a new authentication scheme with anonymity for wireless environments," IEEE Trans. Ind. Electron., vol. 53, no. 5, pp. 1683-1687, May 2006. (Pubitemid 44593519)
80. T. Novak and A. Gerstinger, "Safety-and security-critical services in building automation and control systems," IEEE Trans. Ind. Electron., vol. 57, no. 11, pp. 3614-3621, Nov. 2010.
81. W. Granzer, F. Praus, andW.Kastner, "Security in building automation systems," IEEE Trans. Ind. Electron., vol. 57, no. 11, pp. 3622-3630, Nov. 2010.
82. M. Henseler, M. Rossberg, and G. Schaefer, "Credential management for automatic identification solutions in supply chain management," IEEE Trans. Ind. Informat., vol. 4, no. 4, pp. 303-314, Apr. 2008.
83. J. O. Lauf and H. Sauff, "Secure lightweight tunnel for monitoring transport containers," in Proc. 3rd Int. Conf. Security Privacy Commun. Networks, 2007, pp. 484-493.
84. T. Kilpatrick, J. Gonzalez, R. Chandia, M. Papa, and S. Shenoi, "Forensic analysis of SCADA systems and networks," Int. J. Secur. Netw., vol. 3, no. 2, pp. 95-102, 2008. (Pubitemid 351292178)
85. M. Cheminod, I. Cibrario Bertolotti, L. Durante, R. Sisto, and A. Valenzano, "Tools for cryptographic protocols analysis: A technical and experimental comparison," Comput. Standards & Interfaces, vol. 31, no. 5, pp. 954-961, 2009.
86. M. Cheminod, A. Pironti, and R. Sisto, "Formal vulnerability analysis of a security system for remote fieldbus access," IEEE Trans. Ind. Informat., vol. 7, no. 1, pp. 30-40, 2011.
87. D. Hankerson, A. Menezes, and S. Vanstone, Guide to Elliptic Curve Cryptography. Berlin, Germany: Springer, 2004.
88. G. D. Sutter, J.-P. Deschamps, and J. L. Imana, "Modular multiplication and exponentiation architectures for fast RSA cryptosystem based on digit serial computation," IEEE Trans. Ind. Electron., vol. 58, no. 7, pp. 3101-3109, Jul. 2011.
89. J. Zhu and J. Ma, "A new authentication scheme with anonymity for wireless environments," IEEE Trans. Consum. Electron., vol. 50, no. 1, pp. 231-235, Jan. 2004.
90. D. E. Denning, "An intrusion-detection model," IEEE Trans. Softw. Eng., vol. 13, no. 2, pp. 222-232, 1987.
91. U. Premaratne, J. Samarabandu, T. Sidhu, R. Beresh, and J.-C. Tan, "An intrusion detection system for iec61850 automated substations," IEEE Trans. Power Del., vol. 25, no. 4, pp. 2376-2383, Nov. 2010.
92. A. Carcano, I. Fovino,M.Masera, and A. Trombetta, "State-based network intrusion detection systems for SCADA protocols: A proof of concept," Proc. 4th Int. Workshop Critical Inf. Infrastructures Security, ser. LNCS, vol. 6027, pp. 138-150, 2010.
93. M. Long, C.-H. J. Wu, and J. Y. Hung, "Denial of service attacks on network-based control systems: Impact and mitigation," IEEE Trans. Ind. Informat., vol. 1, no. 2, pp. 85-96, 2005. (Pubitemid 40786123)
94. W. Granzer, C. Reinisch, and W. Kastner, "Denial-of-service in automation systems," in Proc. 13th IEEE Int. Conf. Emerging Technol. Factory Automation, 2008, pp. 468-471.
95. O. Linda, T. Vollmer, and M. Manic, "Neural network based intrusion detection system for critical infrastructures," in Proc. Int. IEEE-INNSENNS Joint Conf. Neural Networks, 2009, pp. 1827-1834.
96. P.Düssel,C.Gehl,P. Laskov, J.-U.Bußer, C. Störmann, and J. Kästner, "Cyber-critical infrastructure protection using real-time payload-based anomaly detection," in Proc. 4th Int. Workshop Critical Inf. Infrastructures Security, 2010, vol. 6027, LNCS, pp. 85-97.
97. A. Carcano, A. Coletta, M. Guglielmi, M. Masera, I. Nai Fovino, and A. Trombetta, "A multidimensional critical state analysis for detecting intrusions in SCADA systems," IEEE Trans. Ind. Informat., vol. 7, no. 2, pp. 179-186, 2011.
98. S. Cheung, B. Dutertre, M. Fong, U. Lindqvist, K. Skinner, and A. Valdes, "Using model-based intrusion detection for SCADA networks," in Proc. SCADA Security Scientific Symp., 2007, pp. 1-12.
99. R. Barbosa and A. Pras, "Intrusion detection in SCADA networks," in Mechanisms for Autonomous Management of Networks and Services-Proc. 4th Int. Conf. Auton. Infrastructure, Manag., Security, 2010, vol. 6155, LNCS, pp. 163-166.
100. D. Yang, E. Usynin, and J.W. Hines, "Anomaly-based intrusion detection for SCADA systems," in Proc. 5th Amer. Nuclear Soc. Int. Topical Meeting on Nuclear Plant Instrum., Controls, Human Machine Interface Technol., 2006 [Online]. Available: http://entrac.iaea.org/iand-c/tm idaho 2006/cd/IAEA%20Day%202/Hines%20paper.pdf
101. P. Oman and M. Phillips, "Intrusion detection and event monitoring in SCADA Networks," in Proc. Critical Infrastructure Protection, 2007, vol. 253, pp. 161-173.
102. S. Shin, T. Kwon, G.-Y. Jo, Y. Park, and H. Rhy, "An experimental study of hierarchical intrusion detection for wireless industrial sensor networks," IEEE Trans. Ind. Informat., vol. 6, no. 4, pp. 744-757, 2010.
103. K. Xiao, N. Chen, S. Ren, L. Shen, X. Sun, K. Kwiat, and M. Macalik, "A workflow-based non-intrusive approach for enhancing the survivability of critical infrastructures in cyber environment," in Proc. 3rd Int. Workshop Software Eng. for Secure Syst., 2007, pp. 4-10.
104. M. Di Santo, A. Vaccaro, D. Villacci, and E. Zimeo, "A distributed architecture for online power systems security analysis," IEEE Trans. Ind. Electron., vol. 51, no. 6, pp. 1238-1248, Jun. 2004.
105. H. Hadeli, R. Schierholz, M. Braendle, and C. Tuduce, "Leveraging determinism in industrial control systems for advanced anomaly detection and reliable security configuration," in Proc. 14th IEEE Int. Conf. Emerging Technol. Factory Automation, 2009, pp. 1-8.