Browse > Article
http://dx.doi.org/10.5762/KAIS.2018.19.4.664

A Efficient Network Security Management Model in Industrial Control System Environments  

Kim, Il-Yong (Department of IT Policy Management, Soongsil University)
Lim, Hee-Teag (Department of IT Policy Management, Soongsil University)
Ji, Dae-Bum (Department of IT Policy Management, Soongsil University)
Park, Jae-Pyo (Graduate School of Information Science, Soongsil University)
Publication Information
Journal of the Korea Academia-Industrial cooperation Society / v.19, no.4, 2018 , pp. 664-673 More about this Journal
Abstract
The industrial control system (ICS) has operated as a closed network in the past, but it has recently been linked to information and communications services and has been causing damage due to cyber attacks. As a countermeasure, the Information Communication Infrastructure Protection Act was enacted, but it cannot be applied to various real control environments because there is only a one-way policy-from a control network to a business network. In addition, IEC62443 defines an industrial control system reference model as an international standard, and suggests an area security model using a firewall. However, there is a limit to linking an industrial control network, operating as a closed network, to an external network only through a firewall. In this paper, we analyze the security model and research trends of the industrial control system at home and abroad, and propose an industrial control system security model that can be applied to the actual interworking environments of various domestic industrial control networks. Also, we analyze the security of firewalls, industrial firewalls, network connection equipment, and one-way transmission systems. Through a domestic case and policy comparison, it is confirmed that security is improved. In the era of the fourth industrial revolution, the proposed security model can be applied to security management measures for various industrial control fields, such as smart factories, smart cars, and smart plants.
Keywords
Industrial Security; ICS Security; SCADA Security; ICS Reference Model; Industrial Control System;
Citations & Related Records
연도 인용수 순위
  • Reference
1 National Intelligence Service, Ministry of Science, ICT and Future Planning, Korea Communications Commission, Ministry of the Interior and Safety, Financial Service Commission, 2017 National information Security White Paper, 04. 2017.
2 Ministry of Science, ICT and Future Planning Announcement 2013-37, Baseline for Vulnerability Analysis and Evaluation in the Critical Information Communication Infrastructure, 08. 2013.
3 National Security Research Institute, Requirements for Industrial Control System, 2017. 11.
4 IEC TS 62443-1-1:2009, Industrial communication networks - Network and system security - Part 1-1: Terminology, concepts and models, Jul. 2009.
5 ISA-62443-1-1, Security for Industrial Automation and Control System, Mar. 2017.
6 NIST SP 800-82, Guide to Industrial Control System Security, May. 2015.
7 Jun-Hyeong Oh, Young-In You, Kyung-Ho Lee, "Computer Emergency in Infrastructure and ICS Standards Trends," Review of KIISC, vol. 27, no. 2, pp. 5-11. 04. 2017.
8 David Kuipers, Mark Fabro, Control Systems Cyber Security : Defense in Depth Strategies, INL/EXT-06-11478, May 2006.
9 ISA-95.00.01-CDV3, Enterprise-Control System Integration, Part 1: Models and Terminology, 2008.
10 Belden Inc., Tofino Security Appliance. https://www.tofinosecurity.com
11 Moxa Inc., https://www.moxa.com/
12 Crystal Group Inc., https://www.crystalrugged.com/
13 Tofino Security White paper. Using ANSI/ISA-99 Standards to Improve Control System Security, May. 2012.
14 NNSP Co. Ltd., http://nnsp.co.kr
15 Waterfall Security Solutions Ltd., https://waterfall-security.com/
16 Owl Cyber Defence Solution, https://www.owlcyberdefense.com/
17 IT Security Certification Center, Requirements for Government IT Security Products, 2014.
18 Hunesion Co. Lted., http://www.hunesion.com/
19 Hanssak Co. Ltd., http://www.hanssak.co.kr
20 SQLsoft Co. Ltd., http://www.sqisoft.com