Browse > Article
http://dx.doi.org/10.13067/JKIECS.2014.9.1.137

Vulnerability Analysis for Industrial Control System Cyber Security  

Kim, Do-Yeon (순천대학교 컴퓨터공학과)
Publication Information
The Journal of the Korea institute of electronic communication sciences / v.9, no.1, 2014 , pp. 137-142 More about this Journal
Abstract
Industrial control system (ICS) is a computer based system which are typically used in nation-wide critical infra-structure facilities such as electrical, gas, water, wastewater, oil and transportation. In addition, ICS is essentially used in industrial application domain to effectively monitor and control the remotely scattered systems. The highly developed information technology (IT) and related network techniques are continually adapted into domains of industrial control system. However, industrial control system is confronted significant side-effects, which ICS is exposed to prevalent cyber threats typically found in IT environments. Therefore, cyber security vulnerabilities and possibilities of cyber incidents are dramatically increased in industrial control system. The vulnerabilities that may be found in typical ICS are grouped into Policy and Procedure, Platform, and Network categories to assist in determining optimal mitigation strategies. The order of these vulnerabilities does not necessarily reflect any priority in terms of likelihood of occurrence or severity of impact. Firstly, corporate security policy can reduce vulnerabilities by mandating conduct such as password usage and maintenance or requirements for connecting modems to ICS. Secondly, platfom vulnerabilities can be mitigated through various security controls, such as OS and application patching, physical access control, and security software. Thirdly, network vulnerabilities can be eliminated or mitigated through various security controls, such as defense-in-depth network design, encrypting network communication, restricting network traffic flows, and providing physical access control for network components.
Keywords
Industrial Control System; Cyber Security; Vulnerabilities Analysis;
Citations & Related Records
Times Cited By KSCI : 2  (Citation Analysis)
연도 인용수 순위
1 Y.-T. Cha, B.-H. Cho, and J.-C. Na, "Security Technology Trends and Prospective of Industrial Control System,". KEIT PD Issue Report, vol. 13-6, 2013, pp. 79-100.
2 N. Falliere, L. O. Murchu, and E. Chien, "Win32.stuxnet Dossier," Symantec Security Response, 2011.
3 A. Nicholson, S. Webber, S. Dyer, T. Patel, and H. Janicke, "SCADA Security in the light of Cyber- Warfare," Computer & Security, 2012, pp. 418-436.
4 Y.-H. Chen, "Introduction of Information Security for Industrial Control System," Korea Institute of Information Security and Cryptology, vol. 19, no. 5, 2009, pp. 52-59.
5 NRC Information Notice 2003-14, "Potential Vulnerability of Plant Computer Network to Worm Infection," Nuclear Regulatory Commission, 2003.
6 Y.-H. Chen, "Network Design and Architecture for ICS Security", Korea Institute of Information Security and Cryptology, vol. 19, no. 5 2009, pp. 60-67.
7 NIST SP800-53, "Recommended Security Controls for Federal Information System," National Institute of Standards and Technology, 2009.
8 NIST SP800-82, "Guide to Industrial Control System Security," National Institute of Standards and Technology, 2011.
9 W.-S. Seo and M.-S. Jun, "A Direction of Convergence and Security of Smart Grid and Information Communication Network," J. of the Korea Institute of Electronic Communication Sciences, vol. 5, no. 5, 2010, pp. 477-486.   과학기술학회마을
10 I.-S. Koo, K.-W. Kim, S.-B. Hong, G.-O. Park, and J.-Y. Park, "Digital Asset Analysis Methodology against Cyber Threat to I&C System in NPP," J. of the Korea Institute of Electronic Communication Sciences, vol. 6, no. 6, 2011, pp. 839-847.
11 C.-H. Yoon, G.-J. Kim, and C.-S. Jang, "Embedded-based Power Monitoring Security Module Design," J. of the Korea Institute of Electronic Communication Sciences, vol. 8, no. 10, 2013, pp. 1485-1490.   과학기술학회마을   DOI   ScienceOn