Supervisory Control and Data Acquisition (SCADA) systems, which are often used in several types of Essential Systems and Critical Infrastructures, depend on control devices such as Programmable Logic Controllers, Remote Terminal Units and Intelligent Electronic Devices. Such devices, which are deployed at the edge of the SCADA infrastructure, directly interface with the physical processes under control. They are often based on embedded systems with limited capabilities and exposed to significant security and safety-related risks, as demonstrated by past incidents such as Stuxnet. However, despite the recognized relevance of those edge devices, they usually lack monitoring mechanisms able to detect device anomalies and/or cyber-physical threats. In this paper we propose a novel approach for stealth monitoring of those control devices, for purposes of security and safety management. This approach builds on cost-effective probes, which we designate as Shadow Security Units (SSU), directly attached to the monitored control devices. This privileged positioning enables the direct and fine-grained observation of both physical inputs/outputs (i.e. the physical processes under control) and network communication flows -- allowing the exploitation of various novel monitoring approaches able to address sophisticated security threats not noticeable otherwise. Moreover, the SSU approach is not limited to SCADA scenarios, being also applicable to similar domains such as the Internet of Things (IoT), Avionics and Self-Driving systems.
Keywords
Safety and Security Monitoring, Anomaly Detection, Industrial Automation and Control Systems
Related Project
H2020 ATENA (Advanced Tools to assEss and mitigate the criticality of ICT compoNents and their dependencies over Critical InfrAstructures)
Journal
International Journal of Critical Infrastructure Protection, Leon Strous, October 2018
PDF File
DOI
Cited by
Year 2019 : 4 citations
Abdul Wahid Mir, Ramkumar Ketti Ramachandran, (2019) "Security gaps assessment of smart grid based SCADA systems", Information & Computer Security, Vol. 27 Issue: 3, pp.434-452, DOI: 10.1108/ICS-12-2018-0146
A. Giuseppi, A. Tortorelli, R. Germanà, F. Liberati and A. Fiaschetti, "Securing Cyber-Physical Systems: An Optimization Framework based on OSSTMM and Genetic Algorithms," 2019 27th Mediterranean Conference on Control and Automation (MED), Akko, Israel, 2019, pp. 50-56. DOI: 10.1109/MED.2019.8798506
Natarajan, Jayapandian. "Cyber Secure Man-in-the-Middle Attack Intrusion Detection Using Machine Learning Algorithms." AI and Big Data’s Potential for Disruptive Innovation. IGI Global, 2020. 291-316. Web. 9 Sep. 2019. doi:10.4018/978-1-5225-9687-5.ch011
Raposo, Duarte & Rodrigues, André & Sinche, Soraya & Sá Silva, Jorge & Boavida, Fernando. (2019). Security and Fault Detection in In-node components of IIoT Constrained Devices, in Proc of Local Computer Networks Conference (LCN), October 2019
