Leveraging determinism in industrial control systems for advanced anomaly detection and reliable security configuration

Authors:
Hadeli Hadeli;Ragnar Schierholz;Markus Braendle;Cristian Tuduce
Affiliations:
ABB Switzerland Ltd., Corporate Research, Industrial Software Systems, Baden Daettwil, Switzerland;ABB Switzerland Ltd., Corporate Research, Industrial Software Systems, Baden Daettwil, Switzerland;ABB Switzerland Ltd., Corporate Research, Industrial Software Systems, Baden Daettwil, Switzerland;ABB Switzerland Ltd., Corporate Research, Industrial Software Systems, Baden Daettwil, Switzerland
Venue:
ETFA'09 Proceedings of the 14th IEEE international conference on Emerging technologies & factory automation
Year:
2009

Citing 3
Cited 1

A Quantitative Study of Firewall Configuration Errors

Computer
Cyber Security Management for Utility Operations

HICSS '06 Proceedings of the 39th Annual Hawaii International Conference on System Sciences
Intrusion detection: a brief history and overview

Computer

A survey of intrusion detection techniques for cyber-physical systems

ACM Computing Surveys (CSUR)

Quantified Score

Hi-index	0.00

Visualization

Abstract

Industrial automation and control systems (IACS) today are often based on common IT technologies. However, they often lack security mechanisms and those available in enterprise IT environments are often not suitable for IACS. Other mechanisms require significant manual maintenance which is error prone. In this paper we present an approach that leverages the unique characteristics of IACS, in particular their deterministic behavior and often available formal system description, to reliably detect anomalies and reproducibly generate configurations for security mechanisms such as firewalls. In particular, we extend common IDS technology to also detect an IACS specific anomaly: the missing of required traffic.