Testbed diversity as a fundamental principle for effective ICS security research

Computing and Communications

Associated organisational units

Electronic data

New Submitted Version
Final published version, 570 KB, PDF document
Available under license: None

Research output: Contribution to conference - Without ISBN/ISSN › Conference paper › peer-review

Published

Standard

Testbed diversity as a fundamental principle for effective ICS security research. / Green, Benjamin; Frey, Sylvain Andre Francis ; Rashid, Awais et al.
2016. Paper presented at SERECIN, Egham, United Kingdom.

Research output: Contribution to conference - Without ISBN/ISSN › Conference paper › peer-review

Bibtex

@conference{2fd927fcf2604d7d981b7ec7e064457e,

title = "Testbed diversity as a fundamental principle for effective ICS security research",

abstract = "The implementation of diversity in testbeds is essential to understanding and improving the security and resilience of Industrial Control Systems (ICS). Employing a wide spec- trum of equipment, diverse networks, and business processes, as deployed in real-life infrastructures, is particularly diffi- cult in experimental conditions. However, this level of di- versity is key from a security perspective, as attackers can exploit system particularities and process intricacies to their advantage. This paper presents an ICS testbed with specific focus on infrastructure diversity, and end-to-end business process replication. These qualities are illustrated through a case study mapping data flow/processing, user interactions, and two example attack scenarios.",

author = "Benjamin Green and Frey, {Sylvain Andre Francis} and Awais Rashid and David Hutchison",

year = "2016",

month = apr,

day = "6",

language = "English",

note = "SERECIN : International Workshop on Security and Resilience of Cyber-Physical Infrastructures ; Conference date: 06-04-2016 Through 06-04-2016",

url = "https://sites.google.com/site/serecin2016/home",

}

RIS

TY - CONF

T1 - Testbed diversity as a fundamental principle for effective ICS security research

AU - Green, Benjamin

AU - Frey, Sylvain Andre Francis

AU - Rashid, Awais

AU - Hutchison, David

PY - 2016/4/6

Y1 - 2016/4/6

N2 - The implementation of diversity in testbeds is essential to understanding and improving the security and resilience of Industrial Control Systems (ICS). Employing a wide spec- trum of equipment, diverse networks, and business processes, as deployed in real-life infrastructures, is particularly diffi- cult in experimental conditions. However, this level of di- versity is key from a security perspective, as attackers can exploit system particularities and process intricacies to their advantage. This paper presents an ICS testbed with specific focus on infrastructure diversity, and end-to-end business process replication. These qualities are illustrated through a case study mapping data flow/processing, user interactions, and two example attack scenarios.

AB - The implementation of diversity in testbeds is essential to understanding and improving the security and resilience of Industrial Control Systems (ICS). Employing a wide spec- trum of equipment, diverse networks, and business processes, as deployed in real-life infrastructures, is particularly diffi- cult in experimental conditions. However, this level of di- versity is key from a security perspective, as attackers can exploit system particularities and process intricacies to their advantage. This paper presents an ICS testbed with specific focus on infrastructure diversity, and end-to-end business process replication. These qualities are illustrated through a case study mapping data flow/processing, user interactions, and two example attack scenarios.

M3 - Conference paper

T2 - SERECIN

Y2 - 6 April 2016 through 6 April 2016

ER -

Research

Associated organisational units

Electronic data

Links