Cybersecurity for industrial control systems: A survey

Industrial Control System (ICS) is a general term that includes supervisory control and data acquisition (SCADA) systems, distributed control systems (DCS), and other control system configurations such as programmable logic controllers (PLC). ICSs are often found in industrial sectors and critical infrastructures, such as nuclear and thermal plants, water treatment facilities, power generation, heavy industries, and distribution systems. Although ICSs were long kept isolated from the Internet, significant achievable business benefits are driving a convergence between ICSs and the Internet as well as information technology (IT) environments, such as cloud computing. As a result, ICSs have been exposed to the attack vectors used in the majority of cyber-attacks. However, ICS devices are inherently much less secure against such advanced attack scenarios. A compromise of an ICS can lead to enormous physical damage and danger to human lives. In this work, we take a close look at the shift of ICSs from stand-alone systems to cloud-based environments. We then discuss the major works from industry and academia toward the development of secure ICSs, especially the applicability of machine learning techniques to ICS cyber-security. The work may help to address the challenges of securing industrial processes, particularly while migrating them to cloud environments.
