nach oben

Erschienen in:

2022 | OriginalPaper | Buchkapitel

Industrial Control System Cybersecurity Assessment Handling Delay Estimation

verfasst von : A. A. Baybulatov, V. G. Promyslov

Erschienen in: Advances in Automation III

Verlag: Springer International Publishing

Einloggen

Aktivieren Sie unsere intelligente Suche, um passende Fachinhalte oder Patente zu finden.

search-config

KI-gestützte Suche

Aus

Abstract

Nowadays, industrial control systems are becoming more digital, more complex, and more interconnected causing growing anxiety about their safety, security, and especially cybersecurity. For dealing with all security problems including cybersecurity assessment, security programs are utilized where the properties of confidentiality and integrity are characterized in detail. But the availability attribute often suffers due to a lack of attention, which makes the assessment of availability grow into one of the thorniest issues. The article investigates cybersecurity in the industrial control systems context, clarifies the great value of availability, and explains a reasonable shift between cybersecurity and availability assessment problems. A delay of the signal transmission is discovered to be a suitable measure of the quantitative availability assessment, and a theory of deterministic queuing systems Network calculus is advocated to be a relevant tool for the delay estimation and availability modelling. A reference model for the availability assessment and also an appropriate metric based on delay and system dependency are proposed. The results of the verification of the applicability of Network calculus to solving the delay estimation and cybersecurity assessment problems are presented.

Sie haben noch keine Lizenz? Dann Informieren Sie sich jetzt über unsere Produkte:

Springer Professional "Wirtschaft+Technik"

Online-Abonnement

Mit Springer Professional "Wirtschaft+Technik" erhalten Sie Zugriff auf:

über 102.000 Bücher
über 537 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Finance + Banking
Management + Führung
Marketing + Vertrieb
Maschinenbau + Werkstoffe
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Springer Professional "Technik"

Online-Abonnement

Mit Springer Professional "Technik" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 390 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Maschinenbau + Werkstoffe

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Springer Professional "Wirtschaft"

Online-Abonnement

Mit Springer Professional "Wirtschaft" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 340 Zeitschriften

aus folgenden Fachgebieten:

Bauwesen + Immobilien
Business IT + Informatik
Finance + Banking
Management + Führung
Marketing + Vertrieb
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Vorheriges Kapitel Application TRIKE Methodology When Modeling Threats to APCs Information Security

Nächstes Kapitel Efficient Application of the Residue Number System in Elliptic Cryptography

Schatz, D., Bashroush, R., Wall, J.: Towards a more representative definition of cyber security. J. Digit. Forensics Secur. Law 12(2), 53–74 (2017)

Denning, P.J., Denning, D.E.: Cybersecurity is harder than building bridges. Am. Sci. 104,154–157 (2016)

Espinosa, N.: The five laws of cybersecurity (2018). TEDxFondduLac. http://www.ted.com/talks/nick_espinosa_the_five_laws_of_cybersecurity

Karnouskos, S.: Stuxnet worm impact on industrial cyber-physical system security. In: IECON 2011–37th Annual Conference of the IEEE Industrial Electronics Society, pp. 4490–4494 (2011)

Marszal, E.M., McGlone, J.: Security PHA Review for Consequence-Based Cybersecurity. NC 27709, ISA, USA (2019)

Stevens, T.: Global cybersecurity: new directions in theory and methods. Polit. Govern. 6(2), 1–4 (2018)CrossRef

Ginter, A.: Secure Operations Technology. Abterra Technologies Inc., Calgary (2018)

Ghosh, S., Sampalli, S.A.: Survey of security in SCADA networks: current issues and future challenges. IEEE Access 7, 135812–135831 (2019)

Anderson, A.: Built to Survive: A Business Owner's Guide on how to Survive a Cyber Attack. CreateSpace Independent Publishing Platform, Scotts Valley (2018)

10.

Qadir, S., Quadri, S.M.K.: Information availability: an Insight into the most important attribute of information security. J. Inf. Secur. 7, 185–194 (2016)

11.

Black, P.E., Scarfone, K., Souppaya, M.: Cyber Security Metrics and Measures. Wiley Handbook of Science and Technology for Homeland Security, pp. 1–8. John Wiley & Sons, New York (2008)

12.

Andress, J.: The Basics of Information Security: Understanding the Fundamentals of InfoSec in Theory and Practice. Syngress, Oxford (2014)

13.

IEC 62443-1-1: Industrial communication networks - Network and system security - Part 1-1: Terminology, concepts and models. IEC, Geneva (2009)

14.

Bishop, M.: Computer Security: Art and Science. Addison-Wesley Professional, Boston (2003)

15.

Denning, D.E.: The Limits of Formal Security Models. National Computer Systems Security Award Acceptance Speech (1999)

16.

Baybulatov, A.A., Promyslov, V.G., Control system availability assessment via maximum delay calculation. In: Proceedings of the 2019 International Conference on Industrial Engineering, Applications and Manufacturing (ICIEAM) (2019). http://ieeexplore.ieee.org/document/8743012

17.

IEC 62443-3-3: Industrial communication networks - Network and system security - Part 3-3: System security requirements and security levels. IEC, Geneva (2013)

18.

Baybulatov, A.A., Promyslov, V.G.: On a deterministic approach to solving industrial control system problems. In: Proceedings of the 2020 International Russian Automation Conference (RusAutoCon), pp. 115–120 (2020). http://ieeexplore.ieee.org/document/9208149

19.

Gunter, D.G., Medoff, M.D., O'Brien, P.C.: Implementing IEC 62443 - A Pragmatic Approach to Cybersecurity. Sellersville, PA, 18960, exida.com LLC (2018)

20.

Promyslov, V.G., Masolkin, S.I.: NPP APCS diagnostics implementation as a routine task of APCS. IFAC Proc. Vol. 42(2), 221–225 (2009)CrossRef

21.

Promyslov, V., Semenkov, K.: Non-statistical method for validation the time characteristics of digital control systems with a cyclic processing algorithm. submitted to review in Mathematics. Special Issue “Distributed Computer and Communication Networks”

22.

Baybulatov, A.A.: Towards network calculus. A review of theories for dealing with facilities of increased danger. In: Proceedings of the 2018 11th International Conference “Management of large-scale system development” (MLSD 2018), pp. 1–5 (2018). https://ieeexplore.ieee.org/document/8551896

23.

Bouillard, A., Boyer, M., Le Corronc, E.: Deterministic Network Calculus: From Theory to Practical Implementation. Wiley-ISTE, London (2018)CrossRef

24.

Litvinov, G.L.: Dequantization of mathematical structures and tropical/idempotent mathematics. An introductory lecture. In: Litvinov, G.L., Maslov, V.P., Kushner, A.G., Sergeev, S.N. (eds.) Tropical and Idempotent Mathematics, pp. 5–21, Moscow (2012)

25.

Baybulatov, A.A., Promyslov, V.G.: Cybersecurity assessment using delay from backlog bound calculation. In: Proceedings of the 14th IEEE International Conference on Application of Information and Communication Technologies (AICT2020) (2020). http://ieeexplore.ieee.org/document/9368731

26.

Avizienis, A., Laprie, J., Randell, B.: Fundamental concepts of dependability. In: Proceedings of the 3rd IEEE Information Survivability Workshop (ISW-2000), pp. 7–12 (2000)

27.

Qadir, S.M., Quadri, S.M.K.: Metric for evaluating availability of an information system: a quantitative approach based on component dependency. Int. J. Netw. Secur. Appl. (IJNSA) 9(2), 1–11 (2017)

Titel: Industrial Control System Cybersecurity Assessment Handling Delay Estimation
verfasst von: A. A. Baybulatov
V. G. Promyslov
Verlag: Springer International Publishing
Buch: Advances in Automation III
Print ISBN: 978-3-030-94201-4

Electronic ISBN: 978-3-030-94202-1

Copyright-Jahr: 2022
DOI: https://doi.org/10.1007/978-3-030-94202-1_43

Springer Professional

Abstract

Bitte loggen Sie sich ein, um Zugang zu Ihrer Lizenz zu erhalten.

Sie haben noch keine Lizenz? Dann Informieren Sie sich jetzt über unsere Produkte:

Springer Professional "Wirtschaft+Technik"

Springer Professional "Technik"

Springer Professional "Wirtschaft"