Funding: This work is funded by the National Key Research and Development Plan (Grant No. 2018YFB0803504), the National Natural Science Foundation of China (Nos. 61702223, 61702220, 61871140, U1636215), and the Opening Project of Shanghai Trusted Industrial Control Platform.
Abstract: Programmable Logic Controllers (PLC), the core of industrial control systems, are widely used in industrial control systems. The security of PLC is the key to the security of industrial control systems. Nowadays, a large number of industrial control systems are connected to the Internet, which exposes the PLC equipment to the Internet, thus raising security concerns. First of all, we introduce the basic principle of PLC in this paper. Then we analyze the PLC code security, firmware security, network security, virus vulnerability and Modbus communication protocol by reviewing the previous related work. Finally, we make a summary of the current security protection methods.
Funding: Funded by the Office of Gas and Electricity Markets (Ofgem) and supported by De Montfort University (DMU) and Nottingham Trent University (NTU), UK.
Abstract: This paper introduces the Integrated Security Embedded Resilience Architecture (ISERA) as an advanced resilience mechanism for Industrial Control Systems (ICS) and Operational Technology (OT) environments. The ISERA framework integrates security by design principles, micro-segmentation, and Island Mode Operation (IMO) to enhance cyber resilience and ensure continuous, secure operations. The methodology deploys a Forward-Thinking Architecture Strategy (FTAS) algorithm, which utilises an industrial Intrusion Detection System (IDS) implemented with Python’s Network Intrusion Detection System (NIDS) library. The FTAS algorithm successfully identified and responded to cyber-attacks, ensuring minimal system disruption. ISERA has been validated through comprehensive testing scenarios simulating Denial of Service (DoS) attacks and malware intrusions, at both the IT and OT layers where it successfully mitigates the impact of malicious activity. Results demonstrate ISERA’s efficacy in real-time threat detection, containment, and incident response, thus ensuring the integrity and reliability of critical infrastructure systems. ISERA’s decentralised approach contributes to global net zero goals by optimising resource use and minimising environmental impact. By adopting a decentralised control architecture and leveraging virtualisation, ISERA significantly enhances the cyber resilience and sustainability of critical infrastructure systems. This approach not only strengthens defences against evolving cyber threats but also optimises resource allocation, reducing the system’s carbon footprint. As a result, ISERA ensures the uninterrupted operation of essential services while contributing to broader net zero goals.
Funding: This work is funded by the National Key Research and Development Plan (Grant No. 2020YFB2009503), the National Natural Science Foundation of China (Nos. 62072130, 61702223, 61702220, 61871140, 61872420), the Guangdong Province Key Area R&D Program of China (No. 2019B010137004), the Guangdong Basic and Applied Basic Research Foundation (Nos. 2020A1515010450, 2021A1515012307), Guangdong Province Universities and Colleges Pearl River Scholar Funded Scheme (2019), Guangdong Higher Education Innovation Group (No. 2020KCXTD007), Guangzhou Basic and Applied Basic Research Foundation (Nos. 202102020867, 202102021207), Guangzhou Higher Education Innovation Group (No. 202032854), and the Industrial Internet innovation and development project of MIIT (No. TC200H01 V).
Abstract: Supervisory control and data acquisition systems (SCADAs) play an important role in supervising and controlling industrial production with the help of programmable logic controllers (PLCs) in industrial control systems (ICSs). A PLC receives the control information or program from a SCADA to control the production equipment and feeds the production data back to the SCADA. Once a SCADA is controlled by an attacker, it may threaten the safety of industrial production. The lack of security protection, such as identity authentication and encryption for industrial control protocols, increases the potential security risks. In this paper, we propose a PLC protection system combined with a monitor between a SCADA and a PLC and a physically separated monitoring station. By using the PLC protection system, identity verification and command verification are separated, and both the identity of the operator and the corresponding commands are recorded. Experiments show that even if the SCADA is controlled by an attacker, our system could still protect the PLC in the field and record the identity of the key command operator, which facilitates the tracing and forensics of malicious activities.