Exploring How The Unique Behaviours Of Industrial Control System Networks Can Be Applied To Enhance Intrusion Prevention

Peter Hazell, Joan Lu

Research output: Chapter in Book/Report/Conference proceedingConference contributionpeer-review

Abstract

Industrial control system security is essential to protecting both industrial output and Critical National Infrastructure (CNI) from cyber-attack, as well as ensuring the safety of workers, members of the public and the environment. Operators of these facilities face a security problem in the dearth of effective countermeasures. This paper addresses this problem by identifying the reasons why so few countermeasures exist and what approaches could be taken to remedy this in a manner that serves both traditional Industrial Control Systems (ICSs), and the emerging needs of the Industrial Internet of Things (IIoT). Circa two-thousand-five-hundred documents (sourced from a combination of five academic search engines, standards agencies, and industrial reports) were reviewed and analysed. From this was found that existing ICS countermeasures are largely derived from existing IT solutions that do not seek to take advantage of the specific characteristics of ICSs – making them less effective or inappropriate in many ICS applications; this is particularly true of network intrusion protection systems, for which false positive detection can have a serious impact on the safe and reliable operation of industrial facilities. It is proposed that the characteristics of ICS and IIoT communications networks lend themselves to a whitelisting approach to network intrusion protection, which would avoid the problem of false positives, and that future work based on the OPC-UA protocol would prove this and demonstrate its suitability for all ICS and IIoT applications.
Original languageEnglish
Title of host publication2022 13th UKACC International Conference on Control, CONTROL 2022
PublisherIEEE
Pages38-44
Number of pages7
ISBN (Electronic)9781665452007
ISBN (Print)9781665452014
DOIs
Publication statusPublished - 27 May 2022
Event13th United Kingdom Automatic Control Council (UKACC) International Conference - University of Plymouth, Plymouth, United Kingdom
Duration: 20 Apr 202222 Apr 2022
Conference number: 13
https://pearl.plymouth.ac.uk/handle/10026.1/15411

Conference

Conference13th United Kingdom Automatic Control Council (UKACC) International Conference
Abbreviated titleCONTROL2022
Country/TerritoryUnited Kingdom
CityPlymouth
Period20/04/2222/04/22
Internet address

Fingerprint

Dive into the research topics of 'Exploring How The Unique Behaviours Of Industrial Control System Networks Can Be Applied To Enhance Intrusion Prevention'. Together they form a unique fingerprint.

Cite this