Tezislər / Theses



Yüklə 17,55 Mb.
Pdf görüntüsü
səhifə135/493
tarix02.10.2023
ölçüsü17,55 Mb.
#151572
1   ...   131   132   133   134   135   136   137   138   ...   493
BHOS Tezisler 2022 17x24sm

THE 3
rd
 INTERNATIONAL SCIENTIFIC CONFERENCES OF STUDENTS AND YOUNG RESEARCHERS 
dedicated to the 99
th
anniversary of the National Leader of Azerbaijan Heydar Aliyev
144
They are utilized in industrial process plants, such as steel production, power 
generation, distribution, nuclear fusion, and infrastructure utilities. 
In the past, SCADA systems used to be isolated from the global network 
(internet), however, as the SCADA systems have evolved over time, they 
have integrated with enterprise networks, made use of TCP/IP for data 
transmission, and even become connected to the global network. The 
security of critical infrastructure, industrial control systems, and SCADA 
control systems are being impacted by the ongoing increase of cyber security 
threats and attacks, particularly the increasing sophistication of malware. 
There have been numerous cyber-attacks specifically targeted SCADA 
systems. For instance, one of the most complex malware, called Stuxnet, 
infected one-fifth of the nuclear power centrifuges in Iran and some systems 
in the USA. Since the malware can self-replicate, it could spread across multiple 
systems through LANs, network file sharing, removable drivers, Simens Step 
7, etc. The malware was designed to look for specific software to be installed 
on and the exact equipment to be connected to a SCADA system. If it found 
all the precise configurations, it modified and sabotaged the code on PLCs. 
Duqu, Flame, and Gauss malware, which was discovered by Hungarian 
cyber security researchers, gathers confidential information. To hide data 
transmission, it sends typical HTTP traffic with attached encrypted data in a 
.jpg file. It makes use of microphones, web cameras, keystroke logging, and 
the extraction of geolocation data from images. 
The integration of IT into physical systems has brought the aforementioned 
threats. Therefore, it is necessary to utilize IT solutions in SCADA systems too. 
Any device of a SCADA system runs several modules that use a common 
operating system. DOS, VMS, and UNIX were once the operating systems 
of choice for SCADA systems. Although UNIX used to be the primary 
operating system for SCADA systems, Linux is increasingly displacing UNIX 
systems. No matter whether an attacker/malware tries to encrypt SCADA 
data, infect other software pieces or send data to an attacker-controlled 
destination, the underlying operating system kernel handles them. Even 
sometimes, the vulnerability that is abused is related to the kernel itself. 
The solution is containerization that could enhance security in today’s 
industry 4.0. Industrial automation practices are becoming more complex and 
a PLC can be hosting multiple services like NODE-Red, Grafana, InfluxDB, 
and Machine Learning modules. By running each module in a separate 
container, we can isolate the process from the underlying Linux kernel regarding 
the file system and network. This way, even if a module is compromised by an 
attacker or infected by malware, it cannot spread to other processes or abuse 
the OS. With the help of containerization, modern and intelligent Linux-based 
PLCs, which still have the characteristics of a classic PLC, become more 
cyber resilient. 



Yüklə 17,55 Mb.

Dostları ilə paylaş:
1   ...   131   132   133   134   135   136   137   138   ...   493




Verilənlər bazası müəlliflik hüququ ilə müdafiə olunur ©azkurs.org 2024
rəhbərliyinə müraciət

gir | qeydiyyatdan keç
    Ana səhifə


yükləyin