A Distributed IDS for Industrial Control Systems

Tiago Cruz (University of Coimbra, Coimbra, Portugal), Jorge Proença (University of Coimbra, Coimbra, Portugal), Paulo Simões (University of Coimbra, Coimbra, Portugal), Matthieu Aubigny (iTrust Consulting, Niederanven, Luxembourg), Moussa Ouedraogo (Luxembourg Institute of Science and Technology, Kirchberg, Luxembourg), Antonio Graziano (Selex ES, Roma, Italy) and Leandros Maglaras (University of Surrey, Guildford, UK)
Copyright: © 2014 |Pages: 22
DOI: 10.4018/ijcwt.2014040101

Abstract

Cyber-threats are one of the most significant problems faced by modern Industrial Control Systems (ICS), such as SCADA (Supervisory Control and Data Acquisition) systems, as the vulnerabilities of ICS technology become serious threats that can ultimately compromise human lives. This situation demands a domain-specific approach to cyber threat detection within ICS, which is one of the most important contributions of the CockpitCI FP7 project (http://CockpitCI.eu). Specifically, this paper will present the CockpitCI distributed Intrusion Detection System (IDS) for ICS, which provides its core cyber-detection and analysis capabilities, also including a description of its components, in terms of role, operation, integration, and remote management. Moreover, it will also introduce and describe new domain-specific solutions for ICS security such as the SCADA Honeypot and the Shadow Security Unit, which are part of the CockpitCI IDS framework.
Article Preview

A Brief Overview of ICS/SCADA Security Issues

The development of the CockpitCI PIDS architecture was preceded by a requirements analysis phase, with the purpose of understanding the specific characteristics and differences between ICS and conventional ICT infrastructures, from a security standpoint. This study revealed several significant differences between ICT and ICS domains that are deeply rooted in their own particular characteristics, down to the fundamental priorities that define which are the most important operational and functional properties of the system.
