Cyber Security Vulnerability Management in CBRN Industrial Control Systems (ICS)

Cyber Security Vulnerability Management in CBRN Industrial Control Systems (ICS)

Roberto Mugavero (Department of Electronic Engineering – University of Rome “Tor Vergata”, Rome, Italy), Stanislav Abaimov (National Inter-Universitary Consortium for Telecommunications, Italy), Federico Benolli (OSDIFE - Observatory on Security and CBRNe Defence, Rome, Italy) and Valentina Sabato (OSDIFE - Observatory on Security and CBRNe Deefence, Rome, Italy)
DOI: 10.4018/IJISCRAM.2018040103

Abstract

As cyberattacks are becoming the prevalent types of attacks on critical infrastructures, due protection and effective response are crucial in CBRN facilities. This article explores comprehensive cyber security vulnerability management related to CBRN Control Systems and Industrial Control Systems (ICS) and provides recommendations that will increase CBRN operational cyber security and ensure further platform for the research in the field of operational vulnerability detection and remediation. The article reviews several key issues related to ICS vulnerability management cycle, vulnerability sharing with security developers, patch and network management, cyber offensive threats and threat actors and related cyber security challenges. It covers such specific issues as ICS connectivity to private/public networks, critical ICS accessibility via Web Access, Wi-Fi and/or unauthorised software inside corporate networks. The proposed solutions refer to some areas of vulnerability management for the awareness and development of countermeasures.
Article Preview
Top

2. Introduction

Rapidly advancing cyber technologies have been assisting threat actors in offensive cyber operations since the creation of computers, computer networks and computerized control systems. The exponentially evolving infiltration techniques and publicly available hacking tools facilitate the attacks implementation and increase their variability. Though even AI-empowered, modern cyber defence software does not provide ultimate protection. Innovative multi-disciplinary solutions are required to ensure the enhanced cyber safety and security of the strategic CBRNe infrastructure.

Complete Article List

Search this Journal:
Reset
Open Access Articles
Volume 11: 2 Issues (2019)
Volume 10: 4 Issues (2018)
Volume 9: 4 Issues (2017)
Volume 8: 4 Issues (2016)
Volume 7: 4 Issues (2015)
Volume 6: 4 Issues (2014)
Volume 5: 4 Issues (2013)
Volume 4: 4 Issues (2012)
Volume 3: 4 Issues (2011)
Volume 2: 4 Issues (2010)
Volume 1: 4 Issues (2009)
View Complete Journal Contents Listing