The case for prevention-based, host-resident defenses in the modern PCS network

Authors:
Charles Payne, Jr.;Richard C. O'Brien;J. Thomas Haigh
Affiliations:
Adventium Labs, LLC, Minneapolis, MN;Adventium Labs, LLC, Minneapolis, MN;Adventium Labs, LLC, Minneapolis, MN
Venue:
Proceedings of the 5th Annual Workshop on Cyber Security and Information Intelligence Research: Cyber Security and Information Intelligence Challenges and Strategies
Year:
2009

Citing 5
Cited 0

Implementing a distributed firewall

Proceedings of the 7th ACM conference on Computer and communications security
Architecture and Applications for a Distributed Embedded Firewall

ACSAC '01 Proceedings of the 17th Annual Computer Security Applications Conference
Generating Policies for Defense in Depth

ACSAC '05 Proceedings of the 21st Annual Computer Security Applications Conference
Trapping Malicious Insiders in the SPDR Web

HICSS '09 Proceedings of the 42nd Hawaii International Conference on System Sciences
Virtual Private Groups for Protecting Critical Infrastructure Networks

CATCH '09 Proceedings of the 2009 Cybersecurity Applications & Technology Conference for Homeland Security

Quantified Score

Hi-index	0.00

Visualization

Abstract

The process control system (PCS) owner can no longer rely on a physical air gap and custom hardware to protect her network from attack. Demand for greater visibility into PCS operations, coupled with greater use of commodity hardware, now exposes the PCS network to the same threats facing other networks. To address these threats, we argue for the deployment of prevention-based, host-resident, network layer devices, coupled with scalable, service-based management, that will not only protect PCS communications but will also support higher level reasoning about PCS trustworthiness. We explain why the modern PCS network is particularly well-suited for this approach, and we highlight where our own research supports this claim.