Performance evaluation of secure industrial control system design: A railway control system case study

Industrial control systems (ICS) are composed of sensors, actuators, control processing units, and communication devices all interconnected to provide monitoring and control capabilities. Due to the integral role of the networking infrastructure, such systems are vulnerable to cyber attacks. Indepth consideration of security and resilience and their effects to system performance are very important. This paper focuses on railway control systems (RCS), an important and potentially vulnerable class of ICS, and presents a simulation integration platform that enables (1) Modeling and simulation including realistic models of cyber and physical components and their interactions, as well as operational scenarios that can be used for evaluations of cybersecurity risks and mitigation measures and (2) Evaluation of performance impact and security assessment of mitigation mechanisms focusing on authentication mechanisms and firewalls. The approach is demonstrated using simulation results from a realistic RCS case study.

[1]  P.V. Craven,et al.  A brief look at railroad communication vulnerabilities , 2004, Proceedings. The 7th International IEEE Conference on Intelligent Transportation Systems (IEEE Cat. No.04TH8749).

[2]  Tang Ming . Wei Lian. Si Tuo Lin Si,et al.  Cryptography and Network Security - Principles and Practice , 2015 .

[3]  Gabor Karsai,et al.  Rapid synthesis of high-level architecture-based heterogeneous simulation: a model-based integration approach , 2012, Simul..

[4]  Gabor Karsai,et al.  The Generic Modeling Environment , 2001 .

[5]  Judith S. Dahmann,et al.  High Level Architecture for simulation: an update , 1998, Proceedings. 2nd International Workshop on Distributed Interactive Simulation and Real-Time Applications (Cat. No.98EX191).

[6]  Karen A. Scarfone,et al.  Guide to Industrial Control Systems (ICS) Security , 2015 .

[7]  Rudolf Hornig,et al.  An overview of the OMNeT++ simulation environment , 2008, Simutools 2008.

[8]  Helena Handschuh,et al.  Security Analysis of SHA-256 and Sisters , 2003, Selected Areas in Cryptography.