A framework for Cybersecurity of Supervisory Control and Data Acquisition (SCADA) Systems and Industrial Control Systems (ICS)

dc.contributor.advisor Ratnesh Kumar
dc.contributor.author Al Ghazo, Alaa
dc.contributor.department Electrical and Computer Engineering
dc.date 2020-06-26T19:45:22.000
dc.date.accessioned 2020-06-30T03:21:14Z
dc.date.available 2020-06-30T03:21:14Z
dc.date.copyright Fri May 01 00:00:00 UTC 2020
dc.date.embargo 2020-06-23
dc.date.issued 2020-01-01
dc.description.abstract The motivation behind this thesis is to provide an efficient and comprehensive solution to secure Supervisory Control and Data Acquisition (SCADA) systems and Industrial Control Systems (ICS). SCADA/ICS systems used to be on isolated networks. However, due to the increase in popularity and advancements of wireless networking and cloud technologies, SCADA/ICS systems have begun to expand their connectivity to the cloud; the extent of such connectivity can vary from system to system. The benefits of connecting to the internet/cloud are substantial, but such connectivity also makes those systems vulnerable, since they are no longer isolated.

Device recognition is a useful first step in vulnerability identification and defense augmentation, but due to the lack of full traceability in legacy SCADA/ICS systems, the typical device recognition based on document inspection is not applicable, leading to the possibility of unaccounted security vulnerabilities in such systems. We propose a hybrid approach that combines communication patterns and passive fingerprinting to identify unknown device types, manufacturers, and models. In addition, our ANDVI implementation maps the identified devices to their known vulnerabilities.

To identify how interdependence among existing atomic vulnerabilities may be exploited by an adversary to stitch together an attack that can compromise the system, we propose a model-checking based Automated Attack-Graph Generator and Visualizer (A2G2V). The proposed A2G2V algorithm uses existing model-checking tools, an architecture description tool, and our own code to generate an attack-graph that enumerates the set of all possible sequences in which atomic-level vulnerabilities can be exploited to compromise system security.

Attack-graph analysis enables security administrators to establish appropriate security measures to secure their system, but practical considerations of time and cost can limit their ability to address all system-level vulnerabilities at once. In this thesis, we propose an approach that identifies label-cuts within an attack-graph to automatically identify a set of critical-attacks that, when blocked, renders the system secure. The identification of a minimal label-cut is in general NP-complete, and in order to deal with this computational complexity, we propose a linear complexity approximation utilizing the Strongly-Connected-Components (SCCs) to identify a cut possessing a minimum number of labels and representing a critical-attacks set. We also compare our proposed algorithm to an exact minimum label-cut algorithm and to an approximation algorithm, both taken from the literature, and report the improvements.

The proposed approaches were tested on real-world case studies, including two IT network systems and a SCADA network for a water treatment cyber-physical system.

This work has been submitted to the IEEE for possible publication. Copyright may be transferred without notice, after which this version may no longer be accessible.
dc.format.mimetype application/pdf
dc.identifier archive/lib.dr.iastate.edu/etd/17834/
dc.identifier.articleid 8841
dc.identifier.contextkey 18242332
dc.identifier.doi https://doi.org/10.31274/etd-20200624-13
dc.identifier.s3bucket isulib-bepress-aws-west
dc.identifier.submissionpath etd/17834
dc.identifier.uri https://dr.lib.iastate.edu/handle/20.500.12876/32017
dc.language.iso en
dc.source.bitstream archive/lib.dr.iastate.edu/etd/17834/AlGhazo_iastate_0097E_18465.pdf|||Fri Jan 14 21:29:38 UTC 2022
dc.subject.keywords Cyber security
dc.subject.keywords Cyber-physical system
dc.subject.keywords industrial control system
dc.subject.keywords IoT
dc.subject.keywords SCADA
dc.title A framework for Cybersecurity of Supervisory Control and Data Acquisition (SCADA) Systems and Industrial Control Systems (ICS)
dc.type article
dc.type.genre thesis
dspace.entity.type Publication
relation.isOrgUnitOfPublication a75a044c-d11e-44cd-af4f-dab1d83339ff
thesis.degree.discipline Electrical Engineering; Computer Engineering
thesis.degree.level thesis
thesis.degree.name Doctor of Philosophy
File
Name: AlGhazo_iastate_0097E_18465.pdf
Size: 6.55 MB
Format: Adobe Portable Document Format