Security intelligence for industrial control systems
Author: | M. Reiser, A. Beitler, A. Wespi, A. Amrein, M. Német, M. Ph. Stoecklin, V. Angeletti, S. Riccetti |
---|---|
Year of publication: | 2016 |
Subject: |
Control system security
021110 strategic defence & security studies Engineering General Computer Science business.industry Control (management) 0211 other engineering and technologies Network data Information technology 02 engineering and technology Industrial control system Computer security computer.software_genre Reliability engineering SCADA Software security assurance 0202 electrical engineering electronic engineering information engineering 020201 artificial intelligence & image processing business computer |
Source: | IBM Journal of Research and Development. 60:13:1-13:12 |
ISSN: | 0018-8646 |
DOI: | 10.1147/jrd.2016.2575698 |
Description: | While there is a broad corpus of security intelligence technologies and solutions for IT (information technology) networks, only moderate experience and investment exists in applying security intelligence approaches to OT (operational technology) networks. OT networks have traditionally been isolated from IT networks, and therefore, security has been of minor concern. Given the trend toward interconnecting OT and IT networks for business reasons, and given the disclosure of highly sophisticated attacks against OT environments, OT network operators increasingly recognize the need to deploy security solutions that are widely known in IT also to OT. OT networks are running critical control processes. Configuration changes are avoided to reduce the risk of misconfiguration or unforeseeable side effects detrimental to the network's operation. Therefore, passive non-intrusive security technologies are favored. Consequently, security intelligence applied to passively collected network data is the most acceptable technology to be deployed in OT networks. In this paper, we show how IT-specific security intelligence techniques can be applied to passively collected OT network data. The techniques have been developed for protecting SCADA (Supervisory Control and Data Acquisition) systems and have been validated in an industrial cyber security testing laboratory. |
Database: | OpenAIRE |
External link: |