Securing industrial control systems

Link:
Autor/in:
Verlag/Körperschaft:
Hamburg University of Technology
Erscheinungsjahr:
2019
Medientyp:
Text
Schlagworte:
  • Controllability
  • ICS security
  • IIoT
  • Integrity
  • Observability
  • Operability
  • Safety
  • Veracity
Beschreibung:
  • We propose controllability, observability, and operability as the core security objectives of a control system, whilst the much-used triad of confidentiality, integrity, and availability captures the security requirements on IT infrastructures. We discuss how the deployment of IT in industrial control systems has changed the attack surface, how this invalidates assumptions about independent failure modes crucial in safety design, and explain why stronger IT infrastructure security does not necessarily imply better ICS security. We show how process physics can be used to carry attack payloads and thus become an instrument for the attacker, and argue that ICS security standards should expand their scope to the physical processes layer.
Beziehungen:
DOI 10.1007/978-3-030-12330-7_1
Quellsystem:
TUHH Open Research

Interne Metadaten
Quelldatensatz
oai:tore.tuhh.de:11420/3991