Logo des Repositoriums

Auflistung nach Schlagwort "Security Controls"

1 - 3 von 3
  • Textdokument
    Model-based Integrity Monitoring of Industrial Automation And Control Systems
    (INFORMATIK 2022, 2022) Peters,Ludger; Khalaf,Mahmoud; Waedt,Karl; Schindler,Josef; Belaidi,Siwar
    This paper aims to enhance cyber security within Electrical Power Systems (EPS) of power plants by extending and using an updated plant simulator. In this paper, we assume a sophisticated attacker, as part of an Advanced Persistent Threat (APT), who gradually damages or manipulates primary assets (in the sense of ISO/IEC 27005:2018, e. g. main cooling water pumps, feedwater pumps, safety valves, and circuit breakers). Accordingly, we assume that the attack agent performs gradual manipulations at the application level. Detecting and predicting a potential anomaly is designed and implemented based on machine learning of expected behavior. The paper will include examples of attacks executed over an extended time period by gradually manipulating combinations of analog and binary signal values or set-points. Challenges related to the training of the detection algorithms, avoidance of false positives, and concise reporting to non-security domain experts will also be addressed.
  • Textdokument
    Modeling Security Controls and System Assets As Autonomous Planning Tasks
    (INFORMATIK 2022, 2022) Khalaf,Mahmoud; Peters,Ludger; Waedt,Karl
    Safety I&C (Instrumentation & Control) and Operational I&C programmable digital systems are growing in complexity at a rapid pace while system designers, project architects, and cyber-security engineers work tirelessly to ensure the safety of the systems by complying with long lists of rules and regulations dictated by relevant regional & international standards [20; BQB17]. These standards are updated, withdrawn, replaced by a revised edition, and amended fairly frequently. Guaranteeing new and existing I&C system assets are still compliant is arduous, expensive, and time-consuming. In this paper, we propose an approach that assists in security modeling and system design by formulating the security controls and I&C assets in PDDL domain (Planning Domain Definition Language by D. McDermott et al. [D 98]). A domain-independent general purpose planner can explore the state space and provide a deterministic plan that transforms the initial state into the goal state. The initial state in this context can be the security threats from which the system needs protection. The goal state can be reaching a specific security degree (S1, S2, S3), satisfying risk management requirements, availability requirements, performance requirements, or a combination of them Tellabi et al. [Te18].
  • Konferenzbeitrag
    Scalable Modeling of Preventive and Detective Security Controls for Cyber-Physical Systems
    (INFORMATIK 2024, 2024) Shun, Hnin Yee; Al Sardy, Loui; Waedt, Karl; Le Berre, Gabriel
    Critical infrastructure and Industry 4.0 depend heavily on Cyber-Physical Systems (CPS), necessitating significant support for cybersecurity and safety professionals throughout development and implementation. This paper explores safety measures linked to physical protection at different CPS levels and how they interact with features of the digital twin. However, digital twins require comprehensive preventative and detective procedures to ensure security. The objective is to facilitate advanced attack tree analysis. Utilizing 3D modeling to incorporate features such as tamper-indicating devices, forensic biometric security, digital CCTV/video monitoring, physical/logical zones, and graded security controls enhances the depiction of the real world. Furthermore, functional safety assessments and risk assessments are carried out. The frameworks will include Babylon JS 7.0, Vue 3.x, and Element+, enabling a tool-based method designed to help subject matter experts analyze complex security postures of CPS efficiently and consistently. This scalable method can be applied in smart manufacturing as well as large-scale plant operations.