THE 3rd INTERNATIONAL SCIENTIFIC CONFERENCES OF STUDENTS AND YOUNG RESEARCHERS dedicated to the 99th anniversary of the National Leader of Azerbaijan Heydar Aliyev
In addition to isolation, containerization enables us to utilize another
defense-in-depth strategy to reduce the attack surface. Via analysis, we
discover the superset of system calls that a module requires to run properly
and build a corresponding system call policy. Based on the system call
policy, we decrease the attack surface by disabling unused APIs of the
underlying OS, which neutralizes some of the kernel vulnerabilities of PLCs.
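
The policy-building step described above, as an added example (not the authors' tooling): it assumes the required system calls are collected from strace-style traces of the module rather than by the analysis the abstract refers to, and emits an allow-list in the Docker seccomp profile format. The trace lines and the module they describe are constructed.

```python
import json
import re

# Constructed strace-style output from two runs of a hypothetical control module.
TRACE_RUN_1 = """\
openat(AT_FDCWD, "/etc/module.conf", O_RDONLY) = 3
read(3, "cycle_ms=10\\n", 4096) = 12
close(3) = 0
socket(AF_INET, SOCK_STREAM, IPPROTO_TCP) = 4
connect(4, {sa_family=AF_INET, sin_port=htons(502)}, 16) = 0
--- SIGCHLD {si_signo=SIGCHLD} ---
+++ exited with 0 +++
"""
TRACE_RUN_2 = """\
[pid  412] clock_nanosleep(CLOCK_MONOTONIC, 0, {tv_sec=0, tv_nsec=10000000}, NULL) = 0
[pid  412] write(4, "\\x00\\x01", 2) = 2
read(4, 0x7ffd2c, 256) = -1 EAGAIN (Resource temporarily unavailable)
<... read resumed>) = 12
exit_group(0) = ?
"""

# A syscall line is an optional "[pid N]" prefix followed by "name(".
SYSCALL_RE = re.compile(r"^(?:\[pid\s+\d+\]\s+)?([a-z_][a-z0-9_]*)\(")
# "<... name resumed>" continues a call that was interrupted by another thread.
RESUMED_RE = re.compile(r"^(?:\[pid\s+\d+\]\s+)?<\.\.\. ([a-z_][a-z0-9_]*) resumed>")

def syscalls_in_trace(trace: str) -> set[str]:
    """Return the syscall names seen in one trace, skipping signal/exit lines."""
    names = set()
    for line in trace.splitlines():
        m = SYSCALL_RE.match(line) or RESUMED_RE.match(line)
        if m:
            names.add(m.group(1))
    return names

def build_policy(traces: list[str]) -> dict:
    """Union the syscalls of all runs and deny everything else by default."""
    required = set().union(*(syscalls_in_trace(t) for t in traces))
    return {
        "defaultAction": "SCMP_ACT_ERRNO",
        "architectures": ["SCMP_ARCH_X86_64"],
        "syscalls": [{"names": sorted(required), "action": "SCMP_ACT_ALLOW"}],
    }

if __name__ == "__main__":
    print(json.dumps(build_policy([TRACE_RUN_1, TRACE_RUN_2]), indent=2))
```

Traces only cover the code paths that were exercised, so a profile built this way is best run with `SCMP_ACT_LOG` as the default action first, to catch calls the traces missed before switching to deny.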
References
[1] Mariana Hentea, “Improving Security for SCADA Control Systems”.
[2] Seyedhamed Ghavamnia, Tapti Palit, Azzedine Benameur, Michalis Polychronakis, “Confine: Automated System Call Policy Generation for Container Attack Surface Reduction”.
[3] Thomas Goldschmidt, Stefan Hauck-Stattelmann, Somayeh Malakuti, Sten Grüner, “Container-based architecture for flexible industrial control applications”.
INDUSTRIAL CONTROL SYSTEMS FROM A RED TEAMER’S PERSPECTIVE
Sanan Hasanov
Baku Higher Oil School
Baku, Azerbaijan
senan.hasanov.std@bhos.edu.az
Supervisor: Ph.D Associate Professor Naila Allahverdiyeva
Keywords: ICS, Cybersecurity, Red teaming
With industrial control systems deployed in safety-critical
national infrastructure, control system analysis and verification have become
an important part of defense mechanisms. Stuxnet, a powerful malware
worm that targets SCADA in critical infrastructure businesses, was
recently discovered uploading code to the Programmable Logic Controllers (PLCs)
that govern industrial automation processes. Furthermore, this malware
allows attackers to take control of vital plant activities from remote locations.
Velagapalli and Ramkumar presented a solution for securing SCADA
systems that relied on trusted basic non-programmable hardware chips
known as STCB. Because of the minimal complexity of STCB chips, they can
be used to verify and construct complicated trusted functionalities of system
controllers. Their strategy, however, assumes that malicious attacks do not
spoof all data from sensors and actuators. The majority of the attempts
described above are based on quantitative mathematical models that employ
optimization and control theories that have been successfully applied to
physical systems. While these tactics are beneficial, the majority of them are
based on assumptions that do not hold true in cyber security scenarios.