Towards trustworthiness assessment of industrial heterogeneous networks

Industrial plants contain a mix of devices with different security features and capabilities. Devices with differing security levels form independent islands in the network, each grouping devices with similar security features. However, the plant is interconnected so that a centralized control center can reduce the cost of monitoring. The different islands therefore also need to communicate with each other to improve asset management efficiency in the plant. In this work we focus on the trustworthiness assessment of devices in industrial plant networks in terms of node value. We study the behavior of industrial plant networks when devices with various degrees of security features communicate, and we aim to identify the network properties that influence the overall network behavior. From the study, we have found that the communication path, the order of different communication paths, and the number of specific types of nodes affect the final trustworthiness of devices in the network.
