This communication examines the implementation of a defense-in-depth strategy to protect industrial control systems (ICS) from threats, attackers, vandals and anyone else able to damage critical infrastructure: gas transmission networks, power transmission networks, power generation, power distribution grids, air traffic, petrochemical plants, rail traffic, military industry and other large installations whose failure affects a large number of people and the security of nations [1].

Defense in depth starts with physical protection of the infrastructure, combining network access control (NAC) with traditional physical security measures, and with policies and procedures: training and cybersecurity awareness programmes, risk assessment (analysis and documentation) and a security plan. It then applies IT technologies to separate and segment the networks into VLANs, demilitarized zones (DMZ) and VPNs, using firewalls, switches and routers. Hardening the installed devices, such as routers, firewalls, switches and the SCADA servers on the network, is a particularly sensitive step of defense in depth.

The final steps are monitoring and maintenance. Monitoring uses intrusion detection and prevention systems (IDS/IPS) to detect and stop intrusion attempts before they can damage the control system; maintenance covers the control system's software and hardware, including scheduled updates of anti-virus software on the devices installed on the network (workstations, SCADA servers, routers, switches and others).

The defense-in-depth recommendations described in this document reduce the risk from attacks that target industrial network architectures, such as VLAN hopping, SQL injection against SCADA applications, IP spoofing and denial of service (DoS). Such attacks typically exploit a common point of access as a single point of failure (RTUs, corporate VPNs, database links, wireless communication and IT-managed communication equipment). Strict implementation of the defense-in-depth concept can avert serious damage to critical infrastructure: loss of production, damage to the plant, and impacts on reputation, health, safety, the environment and national security.
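As an added illustration of the segmentation and monitoring steps described in the abstract (this is example code written for this page, not code from the paper or from any vendor product), the following Python script models a three-zone ICS network (enterprise, DMZ, control) with a first-match, deny-by-default firewall policy, audits the ruleset for any rule that would let the enterprise zone reach the control zone without passing through the DMZ, and scans a few constructed firewall log lines for enterprise-sourced probes aimed at the control zone. The zone addresses, ports, rule purposes and log line format are assumptions chosen for the example, not values from the paper.

```python
"""Zone-based segmentation and cross-zone monitoring check for an ICS network.

Added example for this page; the addresses, ports and log format are assumed.
"""
import re
from dataclasses import dataclass
from ipaddress import ip_address, ip_network
from typing import List, Optional

# Illustrative zone addressing (assumed for this example, not from the paper).
ZONES = {
    "enterprise": ip_network("10.10.0.0/16"),
    "dmz":        ip_network("10.20.0.0/24"),
    "control":    ip_network("10.30.0.0/24"),
}


@dataclass(frozen=True)
class Rule:
    src_zone: str
    dst_zone: str
    proto: str            # "tcp", "udp" or "any"
    dport: Optional[int]  # None means any destination port
    action: str           # "allow" or "deny"


# Ordered zone-to-zone policy: first match wins, anything unmatched is denied.
# Only the DMZ talks to both sides; the enterprise zone never reaches control directly.
RULES: List[Rule] = [
    Rule("enterprise", "dmz",     "tcp", 443,  "allow"),  # users read the historian replica
    Rule("control",    "dmz",     "tcp", 1433, "allow"),  # SCADA server replicates to historian DB
    Rule("dmz",        "control", "tcp", 502,  "allow"),  # historian polls PLCs over Modbus/TCP
    Rule("enterprise", "control", "any", None, "deny"),   # explicit, so the audit can see intent
]


def zone_of(ip: str) -> Optional[str]:
    """Map an address to its zone name, or None if it belongs to no known zone."""
    addr = ip_address(ip)
    for name, net in ZONES.items():
        if addr in net:
            return name
    return None


def evaluate(src_ip: str, dst_ip: str, proto: str, dport: int, rules=RULES) -> str:
    """Return 'allow' or 'deny' for a flow; unknown zones and unmatched flows are denied."""
    src, dst = zone_of(src_ip), zone_of(dst_ip)
    if src is None or dst is None:
        return "deny"
    for r in rules:
        if (r.src_zone, r.dst_zone) != (src, dst):
            continue
        if r.proto not in ("any", proto):
            continue
        if r.dport is not None and r.dport != dport:
            continue
        return r.action
    return "deny"


def direct_enterprise_to_control(rules=RULES) -> List[Rule]:
    """Audit: any allow rule bridging enterprise and control (either direction) bypasses the DMZ."""
    return [r for r in rules
            if r.action == "allow" and {r.src_zone, r.dst_zone} == {"enterprise", "control"}]


# Assumed log format: "<timestamp> <ALLOW|DENY> <proto> <src>:<sport> -> <dst>:<dport>"
LOG_RE = re.compile(
    r"^(?P<ts>\S+) (?P<action>ALLOW|DENY) (?P<proto>\w+) "
    r"(?P<src>[\d.]+):\d+ -> (?P<dst>[\d.]+):(?P<dport>\d+)$"
)


def cross_zone_alerts(log_lines: List[str]) -> List[str]:
    """Monitoring: flag every enterprise-sourced packet aimed at the control zone,
    whether or not the firewall already dropped it (a dropped probe is still a probe)."""
    alerts = []
    for line in log_lines:
        m = LOG_RE.match(line)
        if not m:
            continue  # unparseable line; a real collector would count these
        if zone_of(m["src"]) == "enterprise" and zone_of(m["dst"]) == "control":
            alerts.append(f"{m['ts']} {m['src']} -> {m['dst']}:{m['dport']} ({m['action']})")
    return alerts


# Constructed sample log lines for the example, not captured from any real device.
SAMPLE_LOG = [
    "2020-01-16T10:00:01 ALLOW tcp 10.10.4.7:51512 -> 10.20.0.5:443",
    "2020-01-16T10:00:02 DENY tcp 10.10.4.7:51513 -> 10.30.0.12:502",
    "2020-01-16T10:00:03 ALLOW tcp 10.20.0.5:40001 -> 10.30.0.12:502",
    "2020-01-16T10:00:04 DENY tcp 10.10.9.2:60000 -> 10.30.0.12:22",
]

if __name__ == "__main__":
    assert not direct_enterprise_to_control(), "policy bridges enterprise and control"
    print(evaluate("10.10.4.7", "10.20.0.5", "tcp", 443))    # allow
    print(evaluate("10.10.4.7", "10.30.0.12", "tcp", 502))   # deny
    for alert in cross_zone_alerts(SAMPLE_LOG):
        print("ALERT", alert)
```

The audit function is the check a reviewer wants before a ruleset is deployed: the DMZ is only a barrier if no single rule lets traffic skip it, and an explicit deny between enterprise and control documents that intent rather than relying on the implicit default. The monitoring function treats even denied enterprise-to-control packets as alerts, because a workstation trying to open Modbus/TCP or SSH towards a PLC indicates either a misconfigured host or an attacker who has already reached the enterprise network and is probing the conduit.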
Published in | American Journal of Artificial Intelligence (Volume 3, Issue 2) |
DOI | 10.11648/j.ajai.20190302.11 |
Page(s) | 17-22 |
Creative Commons | This is an Open Access article, distributed under the terms of the Creative Commons Attribution 4.0 International License (http://creativecommons.org/licenses/by/4.0/), which permits unrestricted use, distribution and reproduction in any medium or format, provided the original work is properly cited. |
Copyright | Copyright © The Author(s), 2020. Published by Science Publishing Group |
Keywords | ICS, SCADA, Cybersecurity, IDS, IPS, Defense in Depth, Demilitarized Zones (DMZ), Firewall, Next Generation Firewall |
[1] | Tschroub Abdelghani. Industrial control system (ICS) security in power transmission network. Algerian Large Electrical Network Conference (CAGRE), IEEE, February 2019. |
[2] | Keith Stouffer, Victoria Pillitteri, Suzanne Lightman, Marshall Abrams, Adam Hahn. Guide to Industrial Control Systems (ICS) Security: Supervisory Control and Data Acquisition (SCADA) Systems, Distributed Control Systems (DCS), and Other Control System Configurations such as Programmable Logic Controllers (PLC). NIST Special Publication 800-82 Revision 2. National Institute of Standards and Technology, U.S. Department of Commerce, May 2015. |
[3] | Schneider Electric. Cybersecurity Good Practices Guide, HA032968 Issue 1, July 2017. www.eurotherm.nl. |
[4] | Dylan Jenkins. Grid Automation Cyber Security. ABB, September 2019. |
[5] | U.S. Department of Defense. Handbook for Self-Assessing Security Vulnerabilities & Risks of Industrial Control Systems on DoD Installations. December 2012. www.wbdg.org. |
[6] | Department of Homeland Security, Industrial Control Systems Cyber Emergency Response Team. Recommended Practice: Improving Industrial Control System Cybersecurity with Defense-in-Depth Strategies. September 2016. www.iiconsortium.org. |
[7] | Idaho National Laboratory (a U.S. Department of Energy National Laboratory operated by Battelle Energy Alliance). NSTB Assessments Summary Report: Common Industrial Control System Cyber Security Weaknesses. May 2010. www.fas.org. |
[8] | Matus Korman. Cyber Security in Power Systems. Industrial Information and Control Systems, KTH, 2016. www.kth.se. |
[9] | Rafay Baloch. Ethical Hacking and Penetration Testing Guide. |
[10] | Jason Allnutt, Dhananjay Anand, Douglas Arnold, Allen Goldstein, Ya-Shian Li-Baboud, Aaron Martin, Cuong Nguyen, Robert Noseworthy, Ravi Subramaniam, Marc Weiss. Timing Challenges in the Smart Grid. |
[11] | Richard Candell, Timothy Zimmerman, Keith Stouffer. An Industrial Control System Cybersecurity Performance Testbed. NIST IR 8089, November 2015. http://dx.doi.org/10.6028/NIST.IR.8089. |
[12] | Edward G. Amoroso. 2017 TAG Cyber Security Annual, Volume 1: Practical Handbook and Reference Guide for the Working Cyber Security Professional. Version 1.0, September 2016. attivonetworks.com. |
[13] | Arthur Gervais. Security Analysis of Industrial Control Systems. Master's thesis, KTH Stockholm and Aalto University, Espoo, June 29, 2012. |
[14] | Der-Yeuan Yu, Aanjhan Ranganathan, Thomas Locher, Srdjan Capkun, David Basin. Short Paper: Detection of GPS Spoofing Attacks in Power Grids. |
[15] | Teodor Sommestad, Göran N. Ericsson. SCADA System Cyber Security – A Comparison of Standards. |
[16] | Rachid Talbani. Industrial Security: The Essential Basics for Industrial Automation. Siemens. |
APA Style
Tschroub Abdelghani. (2020). Implementation of Defense in Depth Strategy to Secure Industrial Control System in Critical Infrastructures. American Journal of Artificial Intelligence, 3(2), 17-22. https://doi.org/10.11648/j.ajai.20190302.11
ACS Style
Tschroub Abdelghani. Implementation of Defense in Depth Strategy to Secure Industrial Control System in Critical Infrastructures. Am. J. Artif. Intell. 2020, 3(2), 17-22. doi: 10.11648/j.ajai.20190302.11
AMA Style
Tschroub Abdelghani. Implementation of Defense in Depth Strategy to Secure Industrial Control System in Critical Infrastructures. Am J Artif Intell. 2020;3(2):17-22. doi: 10.11648/j.ajai.20190302.11
BibTeX
@article{10.11648/j.ajai.20190302.11,
  author  = {Tschroub Abdelghani},
  title   = {Implementation of Defense in Depth Strategy to Secure Industrial Control System in Critical Infrastructures},
  journal = {American Journal of Artificial Intelligence},
  volume  = {3},
  number  = {2},
  pages   = {17-22},
  year    = {2020},
  doi     = {10.11648/j.ajai.20190302.11},
  url     = {https://doi.org/10.11648/j.ajai.20190302.11},
  eprint  = {https://article.sciencepublishinggroup.com/pdf/10.11648.j.ajai.20190302.11}
}
RIS
TY  - JOUR
T1  - Implementation of Defense in Depth Strategy to Secure Industrial Control System in Critical Infrastructures
AU  - Tschroub Abdelghani
Y1  - 2020/01/16
PY  - 2020
N1  - https://doi.org/10.11648/j.ajai.20190302.11
DO  - 10.11648/j.ajai.20190302.11
T2  - American Journal of Artificial Intelligence
JF  - American Journal of Artificial Intelligence
JO  - American Journal of Artificial Intelligence
SP  - 17
EP  - 22
PB  - Science Publishing Group
SN  - 2639-9733
UR  - https://doi.org/10.11648/j.ajai.20190302.11
VL  - 3
IS  - 2
ER  -