A Software-Defined Security Approach for Securing Field Zones in Industrial Control Systems
Author: | Chunjie Zhou, Shuang-Hua Yang, Yu-Chu Tian, Jun Yang |
---|---|
Language: | English |
Year of publication: | 2019 |
Subject: |
General Computer Science; Computer science; Industrial control system; 02 engineering and technology; Computer security; computer.software_genre; Field (computer science); Software; zone protection; attack mitigation; 0202 electrical engineering, electronic engineering, information engineering; Information system; General Materials Science; Isolation (database systems); software-defined security (SDSec); Network packet; business.industry; 020208 electrical & electronic engineering; General Engineering; anomaly detection; 020201 artificial intelligence & image processing; Anomaly detection; lcsh:Electrical engineering. Electronics. Nuclear engineering; business; computer; lcsh:TK1-9971 |
Source: | IEEE Access, Vol 7, Pp 87002-87016 (2019) |
ISSN: | 2169-3536 |
Description: | Industrial control systems (ICSs) are facing increasingly severe security threats. Zone isolation, a commonly adopted idea for stopping attack propagation in general information systems, has been investigated for ICS security protection. It is usually implemented through perimeter security techniques. However, anomaly states of the physical processes in a compromised field zone may spread into other zones through the inter-zone information interaction. Due to the coupling of the physical processes between different zones, it is difficult to prevent the propagation of attack impact in ICSs. In this paper, a software-defined security (SDSec) approach is presented to address this problem. It consists of a hybrid anomaly detection module and a multi-level security response module, both of which work together to secure the ICS field zones. The hybrid anomaly detection module inspects anomaly behaviors from the perspectives of network communications and physical process states. The multi-level security response module helps prevent unapproved packets from communications, thus isolating any compromised zone. It also generates attack mitigation strategies to secure physical processes. Hardware-in-the-loop simulations are conducted to demonstrate the effectiveness of the presented approach. |
Database: | OpenAIRE |