Achieving ICS resilience and security through granular data flow management

Green, Benjamin and Krotofil, Marina and Hutchison, David (2016) Achieving ICS resilience and security through granular data flow management. In: CPS-SPC '16 Proceedings of the 2nd ACM Workshop on Cyber-Physical Systems Security and Privacy. ACM, AUT, pp. 93-101. ISBN 9781450345682

[img]
Preview
PDF (CPS-SPC-2016)
CPS_SPC_2016.pdf - Accepted Version
Available under License Creative Commons Attribution-NonCommercial.

Download (880kB)

Abstract

Modern Industrial Control Systems (ICS) rely on enterprise to plant floor connectivity. Where the size, diversity, and therefore complexity of ICS increase, operational requirements, goals, and challenges defined by users across various sub-systems follow. Recent trends in Information Technology (IT) and Operational Technology (OT) convergence may cause operators to lose a comprehensive understanding of end-to-end data flow requirements. This presents a risk to system security and resilience. Sensors were once solely applied for operational process use, but now act as inputs supporting a diverse set of organisational requirements. If these are not fully understood, incomplete risk assessment, and inappropriate implementation of security controls could occur. In search of a solution, operators may turn to standards and guidelines. This paper reviews popular standards and guidelines, prior to the presentation of a case study and conceptual tool, highlighting the importance of data flows, critical data processing points, and system-to-user relationships. The proposed approach forms a basis for risk assessment and security control implementation, aiding the evolution of ICS security and resilience.

Item Type: Contribution in Book/Report/Proceedings
Additional Information: © Owner/Author, 2016. This is the author's version of the work. It is posted here for your personal use. Not for redistribution. The definitive Version of Record was published in CPS-SPC’16, October 28 2016, Vienna, Austria http://dx.doi.org/10.1145/2994487.2994498
Subjects:
Departments: Faculty of Science and Technology > School of Computing & Communications
ID Code: 81792
Deposited By: ep_importer_pure
Deposited On: 05 Oct 2016 10:12
Refereed?: Yes
Published?: Published
Last Modified: 26 Feb 2020 05:51
URI: https://eprints.lancs.ac.uk/id/eprint/81792

Actions (login required)

View Item View Item