An integrated experimental environment for distributed systems and networks
OSDI '02 Proceedings of the 5th symposium on Operating systems design and implementationCopyright restrictions prevent ACM from being able to make the PDFs for this conference available for downloading
Hierarchical Utilization Control for Real-Time and Resilient Power Grid
ECRTS '09 Proceedings of the 2009 21st Euromicro Conference on Real-Time Systems
Cryptographic Key Management for SCADA System: An Architectural Framework
ACT '09 Proceedings of the 2009 International Conference on Advances in Computing, Control, and Telecommunication Technologies
Attacks against process control systems: risk assessment, detection, and response
Proceedings of the 6th ACM Symposium on Information, Computer and Communications Security
Computer
Increasing the resilience of critical SCADA systems using peer-to-peer overlays
ISARCS'10 Proceedings of the First international conference on Architecting Critical Systems
Modeling access control for cyber-physical systems using reputation
Computers and Electrical Engineering
Computers and Electrical Engineering
The placement-configuration problem for intrusion detection nodes in wireless sensor networks
Computers and Electrical Engineering
WiMAX-based robust localization in the presence of misbehaving and/or malicious base stations
Computers and Electrical Engineering
Hi-index | 0.00 |
The fact that modern Supervisory Control And Data Acquisition (SCADA) systems depend omunication Technologies (ICT), is well known. Although many studies have focused on the security of these systems, today we still lack an efficient method to design resilient SCADA systems. In this paper we propose a novel network segmentation methodology that separates control hardware regulating input product flows from control hardware regulating output product flows of the associated industrial processes. Consequently, any disturbances caused by compromised network segments could be compensated by legitimate control code running on non-compromised segments. The proposed method consists of a graph-based representation of the physical process and a heuristic algorithm which generates network designs with a minimum number of segments that satisfy a set of conditions provided by a human expert. The validity of the approach is confirmed by results from two attack scenarios involving the Tennessee-Eastman chemical process.