1. Introduction
Information Communication Technology (ICT) has provided critical support for developing economies through support of civil and military infrastructures, public safety, and national security systems (Fritz, 2008). Nowadays, ICT is at the core of many critical and sensitive infrastructures in the form of Industrial Control Systems (ICSs), such as nuclear facilities, electric power generation plants and industrial manufacturing systems. Security and privacy have been major issues on multiple facets involving ICSs, Wireless Sensor Networks, and others (Hussain and Kaliya, 2018; Liang et al., 2018; Niksaz and Kargar, 2012; Rao, Srivastava, and Sreekanth, 2017). Systems overseen by Supervisory Control and Data Acquisition systems (SCADAs), and SCADAs themselves, have been primary targets of cyber-attacks for decades. These attacks have the potential to inflict serious damage (Oman et al., 2001).
Commercial Off-The-Shelf (COTS) products, including operating systems, applications, and communication protocols, have been replacing proprietary products designed specifically for SCADAs (Wright, 2011). The shift to adopt COTS in ICS and SCADA designs has propelled the implementation of generic security solutions. Among these solutions are Intrusion Detection Prevention Systems (IDPSs), which can be integrated as part of an ICT security solution or deployed as a standalone one. They are security systems designed to identify malicious activities, log them, report them, and attempt to stop them (Scarfone and Mell, 2007). However, IDPS behavior might be catastrophic for sensitive ICSs, such as Nuclear Power Plants (NPPs). Actions designed to block a port or disconnect a network zone might prevent an attack, but they might also affect the normal functioning of a subsystem and therefore have disastrous ramifications. This paper proposes a novel evaluation method for IDPS actions that takes into consideration the safety and reliability of the overall system/plant while attempting to prevent cyber-attacks. The crux of this approach is that the IDPS does not react until it assesses the impact of its actions. That is, identified remediation actions are evaluated, before execution, following the four steps proposed by the novel method of this study. If the actions proposed by the IDPS do not threaten the normal functioning of the whole system, especially safety subsystems, the proposed actions are applied; otherwise, the instructions are not executed, as there is a greater probability that they might lead to a disaster. The main contribution of the novel IMMAESA approach is the different way security actions (mechanisms) are selected and applied. In this approach, the proposed mitigation techniques are evaluated as a whole before they are applied, to avoid any undesirable consequences, such as reactor meltdown in NPPs. The optimal solution from the available combinations of actions is identified according to multiple parameters and variables using advanced algorithms.
The remainder of this paper is structured as follows. The second (following) section covers the background of the study: it reviews some of the recent studies relating to ICS and SCADA security issues, severity analysis and assessment of IDPS actions, the algorithm adopted in this study, and the concept of systems reliability. The third section presents the proposed method, Intrusion Modes, Mitigation Actions and Effects Severity Analysis (IMMAESA). The fourth section presents the application of IMMAESA to a Nuclear Power Plant. The fifth section presents and discusses the numerical results, followed by a conclusion.