An evolved security architecture for distributed Industrial Automation and Control Systems

Authors

Abstract

Over the recent years, control and sensor systems used for IACS (Industrial Automation and Control Systems) have become more complex, due to the increasing number of interconnected distributed devices, sensors and actuators. Such components are often widely dispersed in the field – this is the case for micro-generation (wire-to-water generation, solar or wind), smart metering, oil and gas distribution or smart water management, among others. This IoT (Internet of Things)-centric IACS paradigm expands the infrastructure boundaries well beyond the single or aggregated-plant, mono-operator vision (mostly associated with geographically constrained systems topologies), being dispersed over a large geographic area, with increasingly small areas of coverage as we progress towards its periphery.

This situation calls for a different approach to cyber threat detection, which is one of the most relevant contributions of the ATENA (Advanced Tools to assEss and mitigate the criticality of ICT compoNents and their dependencies over critical infrAstructures) H2020 project (ATENA 2016). This paper presents and describes the ATENA cyber-security architecture, designed for the emerging generation of distributed IoT IACS, leveraging technologies such as Software Defined Networking/Network Function Virtualization and Big data event processing) within the scope of a cyber-detection architecture designed to deal with the inherent challenges of dispersed IACS, involved different operator domains.

Keywords

Critical Infrastructure Protection, Industrial Automation and Control Systems, Big Data, Forensics

Related Project

H2020 ATENA (Advanced Tools to assEss and mitigate the criticality of ICT compoNents and their dependencies over Critical InfrAstructures)

Conference

In Proc. of 16th European Conference on Cyber Warfare and Security (ECCWS 2017). ISBN: 978-1-911218-43-2, June 2017

PDF File