Tezislər / Theses
Yüklə 17,55 Mb. Pdf görüntüsü
|
- Bu səhifədəki naviqasiya:
- INDUSTRIAL CONTROL SYSTEMS FROM A RED TEAMER’S PERSPECTIVE Sanan Hasanov
|
THE 3
rd INTERNATIONAL SCIENTIFIC CONFERENCES OF STUDENTS AND YOUNG RESEARCHERS dedicated to the 99 th anniversary of the National Leader of Azerbaijan Heydar Aliyev 145 In addition to isolation, containerization enables us to utilize another defense-in-depth strategy to reduce the attack surface. Via analysis, we discover the superset of system calls that a module requires to run properly and build a corresponding system call policy. Based on the system call policy, we decrease the attack surface by disabling unused APIs of the underlying OS, which neutralizes some of the kernel vulnerabilities of PLCs. References [1] Mariana Hentea, “Improving Security for SCADA Control Systems”. [2] Seyedhamed Ghavamnia, Tapti Palit, Azzedine Benameur, Michalis Polychronakis, “Confine: Automated System Call Policy Generation for Container Attack Surface Reduction”. [3] Thomas Goldschmidt, Stefan Hauck-Stattelmann, Somayeh Malakuti, Sten Grüner, “Container-based architecture for flexible industrial control applications”. INDUSTRIAL CONTROL SYSTEMS FROM A RED TEAMER’S PERSPECTIVE Sanan Hasanov Baku Higher Oil School Baku, Azerbaijan senan.hasanov.std@bhos.edu.az Supervisor: Ph.D Associate Professor Naila Allahverdiyeva Keywords: ICS, Cybersecurity, Red teaming With the application of the industrial control system in safety-critical national infrastructure, control system analysis and verification have become an important part of defense mechanisms. Stuxnet, a powerful malware worm that targets SCADA in critical infrastructure businesses, was discovered recently uploading the Programmable Logic Controllers (PLC) that govern industrial automation processes. Furthermore, this malware allows attackers to take control of vital plant activities from remote locations. Velagapalli and Ramkumar presented a solution for securing SCADA systems that relied on trusted basic non-programmable hardware chips known as STCB. Because of the minimal complexity of STCB chips, they can be used to verify and construct complicated trusted functionalities of system controllers. Their strategy, however, assumes that malicious attacks do not spoof all data from sensors and actuators. The majority of the attempts described above are based on quantitative mathematical models that employ optimization and control theories that have been successfully applied to physical systems. While these tactics are beneficial, the majority of them are based on assumptions that do not hold true in cyber security scenarios. |