ICS

An Automated, Disruption-Tolerant Device Authentication and Key Management Framework for Critical Systems

Abstract:

Key management is critical to secure operation. Distributed control systems, such as Supervisory Control and Data Acquisition (SCADA) systems, have unique operational requirements that make conventional key management solutions less effectiveand burdensome. This paper pres-ents a novel Kerberos-based framework for automated, disruption-tolerant key management for control system environments. Experimental tests and their results are presented to quantify the expected performance overhead of this approach. Additionally, Zeek sensor analytics are presented to aid in monitoring the health and security of the key management framework operation.

Safer and Optimised Vulnerability Scanning for Operational Technology through Integrated and Automated Passive Monitoring and Active Scanning

Abstract:

Vulnerability scanning of embedded sensors and controllers have a history of causing disruption and malfunction within operational technology environments. Traditional information technology vulnerability scanning generally consists of blunt exercising all or a large population of test conditions to understand how equipment responds. Often the large number and varied conditions of the tests are too much for embedded systems to handle. This paper presents a methodol-ogy and framework for integrating passive monitoring and active scanning techniques to optimise the type and amount of necessary active communication tests while achieving acceptable levels of device and vulnerability discovery. 

Results from a SCADA-Based Cyber Security Competition

ABSTRACT

On April 1 2011, Regis University hosted the 7th Computer and Network Vulnerability Assessment Simulation (CANVAS) competition with a turnout of 68 event competitors and at least two dozen faculty and spectators. The event was a major success. The competition sought primarily to introduce a Critical Infrastructure Protection (CIP) theme to a cyber competition to raise awareness of these types of attacks. This paper will discuss the goals and intricacies of developing the CANVAS cyber competition, including technical details, extensibility of CIP-focused cyber competitions, as well as the continued development and value of CIP simulation infrastructure.

Cyber-Mugging: Summary and Analysis of a Simulated ICS/SCADA Attack

ABSTRACT

In a representative Industrial Control System (ICS)/Supervisory Control And Data Acquisition (SCADA) laboratory environment, a simulated cyber attack suggests that an attacker with a low to moderate level of technical proficiency may utilize common, publicly-available tools and techniques to obtain complete control of the ICS environment. The cyber-physical relationship between information systems and industrial machinery has created environments where limited resources may be leveraged to trigger significant physical effects. The feasibility that such an incident has the potential to cause significant disruptive effects directly challenges the current paradigm that state-level resources are required to inflict catastrophic results.

Journal of Information Warfare

The definitive publication for the best and latest research and analysis on information warfare, information operations, and cyber crime. Available in traditional hard copy or online.

Keywords

A

AI
APT

C

C2
C2S
CDX
CIA
CIP
CPS

D

DNS
DoD
DoS

I

IA
ICS

M

S

SOA

X

XRY

Quill Logo

The definitive publication for the best and latest research and analysis on information warfare, information operations, and cyber crime. Available in traditional hard copy or online.

SUBSCRIBE NOW

Get in touch

Registered Agent and Mailing Address

  • Journal of Information Warfare
  •  ArmisteadTEC
  • Dr Leigh Armistead, President
  • 1624 Wakefield Drive
  • Virginia Beach, VA 23455

 757.510.4574

 JIW@ArmisteadTec.com