
Strategic Study of CAE, 2023, Volume 25, Issue 6. doi: 10.15302/J-SSCAE-2023.06.008

Development of Security Protection Technologies for Industrial Control System

Cyberspace Institute of Advanced Technology, Guangzhou University, Guangzhou 510006, China

Funding: Chinese Academy of Engineering project "Development Strategy of Industrial Internet Security Technology" (2022-JB-04); National Natural Science Foundation of China project (62072130). Received: 2023-07-28. Revised: 2023-10-25. Available online: 2023-12-21.


Abstract

Industrial control systems (ICS) are gradually moving from closed, isolated deployments to open, interconnected ones. Network threats to ICS are becoming highly covert, strongly adversarial, and cross-domain in nature, and a successful cyberattack directly affects industrial production. Consequently, network attacks on ICS and the corresponding security protection technologies have attracted significant attention. This study focuses on the security protection of ICS. First, we analyze the specific characteristics of ICS security protection, together with the "unclear and uncontrollable" security challenges of ICS, that is, components whose internals are not transparent to the operator and whose behaviour the operator cannot fully control. Network attacks on ICS are then summarized and analyzed, and the existing protection systems that follow a self-defense mode, such as border protection and defense in depth, are discussed. In view of these challenges, development ideas are proposed along two lines: making ICS secure and controllable, and building a new ICS security protection system. The key tasks and key technology research paths are: establishing an autonomous and controllable ICS security ecosystem; building a security assurance mechanism for foreign devices based on limiters; and exploring a new ICS security protection system based on a self-defense plus guard mode, so that the security protection capability of ICS can be improved.
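Of the protection systems the abstract names, border protection between the enterprise network and the control network is the one most readily shown in code. The following is an added example, not code from the paper or from any product it discusses: a zone-boundary filter for Modbus/TCP that parses the MBAP header, rejects malformed frames, and allows only read function codes from the enterprise zone while permitting writes only from the control zone. The zone address ranges, the per-zone policy table, and the sample frames are constructed assumptions for illustration.

```python
import struct
from dataclasses import dataclass
from ipaddress import ip_address, ip_network
from typing import Optional, Tuple

# Modbus public function codes grouped by effect on the process.
MODBUS_READ_FUNCS = {1, 2, 3, 4}            # read coils/inputs/registers
MODBUS_WRITE_FUNCS = {5, 6, 15, 16, 22, 23}  # write coils/registers


@dataclass(frozen=True)
class ModbusFrame:
    transaction_id: int
    unit_id: int
    function_code: int
    pdu: bytes  # bytes following the function code


def parse_modbus_tcp(frame: bytes) -> ModbusFrame:
    """Parse one Modbus/TCP ADU: 7-byte MBAP header followed by the PDU.

    MBAP = transaction id (2) | protocol id (2, must be 0) | length (2) | unit id (1).
    The length field counts every byte after itself, i.e. unit id + PDU.
    """
    if len(frame) < 8:
        raise ValueError("frame shorter than MBAP header plus function code")
    tid, pid, length, unit = struct.unpack(">HHHB", frame[:7])
    if pid != 0:
        raise ValueError(f"unexpected protocol id {pid}")
    if length != len(frame) - 6:
        raise ValueError("MBAP length field does not match frame size")
    return ModbusFrame(tid, unit, frame[7], frame[8:])


# Assumed zone layout (hypothetical addresses, not from the paper).
ZONES = {
    "enterprise": ip_network("10.0.0.0/16"),
    "control": ip_network("192.168.10.0/24"),
}

# Function codes each zone may send toward the PLC network.
ZONE_POLICY = {
    "enterprise": MODBUS_READ_FUNCS,
    "control": MODBUS_READ_FUNCS | MODBUS_WRITE_FUNCS,
}


def zone_of(src_ip: str) -> Optional[str]:
    addr = ip_address(src_ip)
    for name, net in ZONES.items():
        if addr in net:
            return name
    return None


def boundary_decision(src_ip: str, frame: bytes) -> Tuple[str, str]:
    """Return ("ALLOW"|"DROP", reason) for a frame crossing the zone boundary.

    Malformed frames and unknown sources are dropped before any policy lookup,
    so a parser error can never turn into an accidental allow.
    """
    try:
        parsed = parse_modbus_tcp(frame)
    except ValueError as exc:
        return ("DROP", f"malformed frame: {exc}")
    zone = zone_of(src_ip)
    if zone is None:
        return ("DROP", f"source {src_ip} is not in any defined zone")
    if parsed.function_code in ZONE_POLICY[zone]:
        return ("ALLOW", f"zone {zone} may send FC {parsed.function_code}")
    return ("DROP", f"zone {zone} may not send FC {parsed.function_code}")


# Constructed sample frames (unit id 1).
SAMPLE_READ = bytes.fromhex("000100000006" "01" "03" "0000" "000A")          # FC 3: read 10 holding registers
SAMPLE_WRITE = bytes.fromhex("000200000006" "01" "06" "0010" "00FF")         # FC 6: write single register
SAMPLE_WRITE_MULTI = bytes.fromhex("000300000009" "01" "10" "0010" "0001" "02" "00FF")  # FC 16
SAMPLE_BAD_LEN = bytes.fromhex("000400000020" "01" "03" "0000" "000A")       # length field lies

if __name__ == "__main__":
    for src, frame in [("10.0.5.7", SAMPLE_READ), ("10.0.5.7", SAMPLE_WRITE),
                       ("192.168.10.20", SAMPLE_WRITE_MULTI), ("172.16.0.1", SAMPLE_READ),
                       ("10.0.5.7", SAMPLE_BAD_LEN)]:
        print(src, boundary_decision(src, frame))
```

The policy is deliberately an allowlist keyed on function code: anything not explicitly permitted for a zone, including vendor-specific codes, is dropped. A real boundary device would also pin unit ids and register ranges per source, but the shape of the check is the same.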

Figures

Figures 1 to 5 (not reproduced on this page)

