Abstract
Mid 2010, the Stuxnet ICS attack targeted the
Siemens automation products, and after this attack the ICS
security was thrust into spotlight, automation products
suppliers started to re-examine their business approach to cyber security. The OPC Foundation made also significant changes and improvements on its new design OPC-UA to increase
security of automation applications but, what is still missing and seems to be not resolved any time soon is having security in depth for industrial automation applications. In this paper, we propose a simple but strong security control solution, what we will call a logic application level security particularly for SCADA and DCS. This proposed method is based on message integrity and should not be viewed as the main, nor the only level of protection that an industrial automation system is expected to have, but can be a low-level security procedure that avoids intelligent attacks such as Stuxnet.
Original language | English |
---|---|
DOIs | |
Publication status | Published - 15 Jul 2019 |
Externally published | Yes |
Event | 10th IFIP International Conference on New Technologies, Mobility & Security - Duration: 15 Jul 2019 → … |
Conference
Conference | 10th IFIP International Conference on New Technologies, Mobility & Security |
---|---|
Period | 15/07/19 → … |
Keywords
- MAC
- Encryption
- DCS
- SCADA
- Stuxnet
- Obfuscation