Pregled bibliografske jedinice broj: 1210307
Enhancing Modbus/TCP-Based Industrial Automation and Control Systems Cybersecurity Using a Misuse- Based Intrusion Detection System
Enhancing Modbus/TCP-Based Industrial Automation and Control Systems Cybersecurity Using a Misuse- Based Intrusion Detection System // International Symposium on Power Electronics, Electrical Drives, Automation and Motion, SPEEDAM
Sorrento: Institute of Electrical and Electronics Engineers (IEEE), 2022. str. 964-969 doi:10.1109/SPEEDAM53979.2022.9842239 (predavanje, međunarodna recenzija, cjeloviti rad (in extenso), znanstveni)
CROSBI ID: 1210307 Za ispravke kontaktirajte CROSBI podršku putem web obrasca
Naslov
Enhancing Modbus/TCP-Based Industrial Automation
and Control Systems Cybersecurity Using a Misuse-
Based Intrusion Detection System
Autori
Katulić, Filip ; Sumina, Damir ; Erceg, Igor ; Groš, Stjepan
Vrsta, podvrsta i kategorija rada
Radovi u zbornicima skupova, cjeloviti rad (in extenso), znanstveni
Izvornik
International Symposium on Power Electronics, Electrical Drives, Automation and Motion, SPEEDAM
/ - Sorrento : Institute of Electrical and Electronics Engineers (IEEE), 2022, 964-969
ISBN
978-1-6654-8459-6
Skup
International Symposium on Power Electronics, Electrical Drives, Automation and Motion (SPEEDAM 2022)
Mjesto i datum
Sorrento, Italija, 22.06.2022. - 24.06.2022
Vrsta sudjelovanja
Predavanje
Vrsta recenzije
Međunarodna recenzija
Ključne riječi
Automation ; Communication system security ; Cyber-physical systems ; Industrial communication
Sažetak
Modbus over TCP (Modbus/TCP) is a very popular protocol in industrial automation and control systems (IACS), but at the same time it is completely unprotected in terms of cybersecurity. This allows adversaries to manipulate controlled processes by forging or modifying process values in the Modbus protocol data unit (PDU), potentially causing damage to IACSs. In this paper, we propose the use of a misuse-based intrusion detection system (IDS) to detect out-of- bound process values and in that way make it difficult for an adversary to manipulate process values. To test the feasibility of this approach, a cyber-physical system was created, simulating an IACS water treatment plant. The implemented rule- based alarms and warnings were based on the industrial process and an adversary threat model, focusing on the process values of the IACS. This approach shows a promise as an additional safety mechanism to standard IACS cybersecurity solutions.
Izvorni jezik
Engleski
Znanstvena područja
Elektrotehnika, Informacijske i komunikacijske znanosti
POVEZANOST RADA
Projekti:
EK-EFRR-KK.01.2.1.02.0009 - Inovativno rješenje za upravljanje kibernetičkom sigurnosti industrijskih sustava automatizacije postrojenja i procesa (cyberAUT) (Sumina, Damir, EK ) ( CroRIS)
Ustanove:
Fakultet elektrotehnike i računarstva, Zagreb