Tezislər / Theses
Yüklə 17,55 Mb. Pdf görüntüsü
|
|
THE 3
rd INTERNATIONAL SCIENTIFIC CONFERENCES OF STUDENTS AND YOUNG RESEARCHERS dedicated to the 99 th anniversary of the National Leader of Azerbaijan Heydar Aliyev 144 They are utilized in industrial process plants, such as steel production, power generation, distribution, nuclear fusion, and infrastructure utilities. In the past, SCADA systems used to be isolated from the global network (internet), however, as the SCADA systems have evolved over time, they have integrated with enterprise networks, made use of TCP/IP for data transmission, and even become connected to the global network. The security of critical infrastructure, industrial control systems, and SCADA control systems are being impacted by the ongoing increase of cyber security threats and attacks, particularly the increasing sophistication of malware. There have been numerous cyber-attacks specifically targeted SCADA systems. For instance, one of the most complex malware, called Stuxnet, infected one-fifth of the nuclear power centrifuges in Iran and some systems in the USA. Since the malware can self-replicate, it could spread across multiple systems through LANs, network file sharing, removable drivers, Simens Step 7, etc. The malware was designed to look for specific software to be installed on and the exact equipment to be connected to a SCADA system. If it found all the precise configurations, it modified and sabotaged the code on PLCs. Duqu, Flame, and Gauss malware, which was discovered by Hungarian cyber security researchers, gathers confidential information. To hide data transmission, it sends typical HTTP traffic with attached encrypted data in a .jpg file. It makes use of microphones, web cameras, keystroke logging, and the extraction of geolocation data from images. The integration of IT into physical systems has brought the aforementioned threats. Therefore, it is necessary to utilize IT solutions in SCADA systems too. Any device of a SCADA system runs several modules that use a common operating system. DOS, VMS, and UNIX were once the operating systems of choice for SCADA systems. Although UNIX used to be the primary operating system for SCADA systems, Linux is increasingly displacing UNIX systems. No matter whether an attacker/malware tries to encrypt SCADA data, infect other software pieces or send data to an attacker-controlled destination, the underlying operating system kernel handles them. Even sometimes, the vulnerability that is abused is related to the kernel itself. The solution is containerization that could enhance security in today’s industry 4.0. Industrial automation practices are becoming more complex and a PLC can be hosting multiple services like NODE-Red, Grafana, InfluxDB, and Machine Learning modules. By running each module in a separate container, we can isolate the process from the underlying Linux kernel regarding the file system and network. This way, even if a module is compromised by an attacker or infected by malware, it cannot spread to other processes or abuse the OS. With the help of containerization, modern and intelligent Linux-based PLCs, which still have the characteristics of a classic PLC, become more cyber resilient. |