2018 | OriginalPaper | Chapter

Deriving a Cost-Effective Digital Twin of an ICS to Facilitate Security Evaluation

Authors: Ron Bitton, Tomer Gluck, Orly Stan, Masaki Inokuchi, Yoshinobu Ohta, Yoshiyuki Yamada, Tomohiko Yagyu, Yuval Elovici, Asaf Shabtai

Published in: Computer Security

Publisher: Springer International Publishing

Abstract

Industrial control systems (ICSs), and particularly supervisory control and data acquisition (SCADA) systems, are used in many critical infrastructures and are inherently insecure, making them desirable targets for attackers. ICS networks differ from typical enterprise networks in their characteristics and goals; therefore, security assessment methods that are common in enterprise networks (e.g., penetration testing) cannot be directly applied in ICSs. Thus, security experts recommend using an isolated environment that mimics the real one for assessing the security of ICSs. While the use of such environments solves the main challenge in ICS security analysis, it poses another one: the trade-off between budget and fidelity. In this paper we suggest a method for creating a digital twin that is network-specific, cost-efficient, highly reliable, and security test-oriented. The proposed method consists of two modules: a problem builder that takes facts about the system under test and converts them into a rules set that reflects the system’s topology and digital twin implementation constraints; and a solver that takes these inputs and uses 0–1 non-linear programming to find an optimal solution (i.e., a digital twin specification), which satisfies all of the constraints. We demonstrate the application of our method on a simple use case of a simplified ICS network.

Copyright Year: 2018

DOI: https://doi.org/10.1007/978-3-319-99073-6_26