ebook img

Security of Industrial Control Systems and Cyber-Physical Systems: Second International Workshop, CyberICPS 2016, Heraklion, Crete, Greece, September 26-30, 2016, Revised Selected Papers PDF

127 Pages·2017·4.463 MB·English
Save to my drive
Quick download
Download
Most books are stored in the elastic cloud where traffic is expensive. For this reason, we have a limit on daily download.

Preview Security of Industrial Control Systems and Cyber-Physical Systems: Second International Workshop, CyberICPS 2016, Heraklion, Crete, Greece, September 26-30, 2016, Revised Selected Papers

Nora Cuppens-Boulahia Costas Lambrinoudakis Frédéric Cuppens Sokratis Katsikas (Eds.) Security of Industrial 6 6 1 Control Systems and 0 1 S C Cyber-Physical Systems N L Second International Workshop, CyberICPS 2016 Heraklion, Crete, Greece, September 26–30, 2016 Revised Selected Papers 123 Lecture Notes in Computer Science 10166 Commenced Publication in 1973 Founding and Former Series Editors: Gerhard Goos, Juris Hartmanis, and Jan van Leeuwen Editorial Board David Hutchison Lancaster University, Lancaster, UK Takeo Kanade Carnegie Mellon University, Pittsburgh, PA, USA Josef Kittler University of Surrey, Guildford, UK Jon M. Kleinberg Cornell University, Ithaca, NY, USA Friedemann Mattern ETH Zurich, Zurich, Switzerland John C. Mitchell Stanford University, Stanford, CA, USA Moni Naor Weizmann Institute of Science, Rehovot, Israel C. Pandu Rangan Indian Institute of Technology, Madras, India Bernhard Steffen TU Dortmund University, Dortmund, Germany Demetri Terzopoulos University of California, Los Angeles, CA, USA Doug Tygar University of California, Berkeley, CA, USA Gerhard Weikum Max Planck Institute for Informatics, Saarbrücken, Germany More information about this series at http://www.springer.com/series/7410 Nora Cuppens-Boulahia Costas Lambrinoudakis (cid:129) é é Fr d ric Cuppens Sokratis Katsikas (Eds.) (cid:129) Security of Industrial Control Systems and Cyber-Physical Systems Second International Workshop, CyberICPS 2016 – Heraklion, Crete, Greece, September 26 30, 2016 Revised Selected Papers 123 Editors Nora Cuppens-Boulahia Frédéric Cuppens Telecom Bretagne Telecom Bretagne CessonSevigne CessonSevigne France France Costas Lambrinoudakis Sokratis Katsikas University of Piraeus NorwegianUniversity of Science Piraeus andTechnology Greece Gjøvik Norway ISSN 0302-9743 ISSN 1611-3349 (electronic) Lecture Notesin Computer Science ISBN 978-3-319-61436-6 ISBN978-3-319-61437-3 (eBook) DOI 10.1007/978-3-319-61437-3 LibraryofCongressControlNumber:2017943078 LNCSSublibrary:SL4–SecurityandCryptology ©SpringerInternationalPublishingAG2017 Thisworkissubjecttocopyright.AllrightsarereservedbythePublisher,whetherthewholeorpartofthe material is concerned, specifically the rights of translation, reprinting, reuse of illustrations, recitation, broadcasting, reproduction on microfilms or in any other physical way, and transmission or information storageandretrieval,electronicadaptation,computersoftware,orbysimilarordissimilarmethodologynow knownorhereafterdeveloped. Theuseofgeneraldescriptivenames,registerednames,trademarks,servicemarks,etc.inthispublication doesnotimply,evenintheabsenceofaspecificstatement,thatsuchnamesareexemptfromtherelevant protectivelawsandregulationsandthereforefreeforgeneraluse. Thepublisher,theauthorsandtheeditorsaresafetoassumethattheadviceandinformationinthisbookare believedtobetrueandaccurateatthedateofpublication.Neitherthepublishernortheauthorsortheeditors give a warranty, express or implied, with respect to the material contained herein or for any errors or omissionsthatmayhavebeenmade.Thepublisherremainsneutralwithregardtojurisdictionalclaimsin publishedmapsandinstitutionalaffiliations. Printedonacid-freepaper ThisSpringerimprintispublishedbySpringerNature TheregisteredcompanyisSpringerInternationalPublishingAG Theregisteredcompanyaddressis:Gewerbestrasse11,6330Cham,Switzerland Preface This book presents the revised and selected papers of the Second Workshop on the SecurityofIndustrialControlSystemsandCyber-PhysicalSystems(CyberICPS2016), held in Crete, Greece, during September 26–30, 2016, and co-located with the 21st European Symposium on Research in Computer Security (ESORICS 2016). Theeventaimstoaddresstheincreasingnumberofcyberthreatsthatcyber-physical systems operators around the world face. Cyber-physical systems range in size, com- plexity,andcriticality,fromembeddedsystemsusedinsmartvehicles,toSCADAand industrial control systems like energy and water distribution systems, smart trans- portation systems etc. Theworkshopprogramincludedtwoinvitedpapersandfivefullpapers.Theinvited papers were entitled “Security of Cyber-Physical Systems: From Theory to Testbeds and Validation” and “Critical Infrastructure Protection: A Holistic Methodology for Greece” presented by Joaquin Garcia-Alfaro (Telecom SudParis, CNRS, Université Paris-Saclay,Evry,France)andGeorgeStergiopoulos(InformationSecurity&Critical Infrastructure Protection Laboratory, Department of Informatics, Athens University of Economics & Business, Greece), respectively. The reviewed paper sessions covered topics related to the management of cyber-security in industrial control systems and cyber-physical systems, including security monitoring, trust management, security policies and measures. Wewouldliketoexpressourthankstothepeoplewhoassistedusinorganizingthe event and formulating the program. We are very grateful to the Program Committee membersfortheirtimelyandrigorousreviewsofthepapers.Finally,wewouldliketo thank all authors who submitted papers for the event and contributed to an interesting set of conference proceedings. March 2017 Nora Cuppens-Boulahia Costas Lambrinoudakis Frédéric Cuppens Sokratis Katsikas Organization General Chairs Frédéric Cuppens Télécom Bretagne, France Sokratis Katsikas Center for Cyber and Information Security, Norwegian University of Science and Technology, Norway Program Committee Co-chairs Nora Cuppens-Boulahia Télécom Bretagne, France Costas Lambrinoudakis University of Piraeus, Greece Program Committee Alcaraz Cristina University of Malaga, Spain Ayed Samiha IMT-Telecom-Bretagne, France Conti Mauro University of Padua, Italy Debar Hervé Télécom SudParis, France Debbabi Mourad Concordia University, Canada Espes David University of Brest, France Gollmann Dieter Hamburg University of Technology, Germany Kanoun Waël Alcatel-Lucent Bell Labs, France Mambo Masahiro Kanazawa University, Japan Mauw Sjouke University of Luxembourg, Luxembourg Meng Weizhi Institute for Infocomm Research, Singapore Mitchell Chris Royal Holloway, University of London, UK Röning Juha University of Oulu, Finland Roudier Yves EURECOM, France Vyskoc Jozef VaF, Slovakia Wahid Khan Ferdous Airbus Defence and Space GmbH, Germany Wolthusen Stephen Royal Holloway, University of London, UK Zanero Stefano Politecnico di Milano, Italy Contents Invited Papers Security of Cyber-Physical Systems: From Theory to Testbeds and Validation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3 Jose Rubio-Hernan, Juan Rodolfo-Mejias, and Joaquin Garcia-Alfaro Critical Infrastructure Protection: A Holistic Methodology for Greece . . . . . . 19 Dimitris Gritzalis, George Stergiopoulos, Panayiotis Kotzanikolaou, Emmanouil Magkos, and Georgia Lykou Full Papers A Security Policy Infrastructure for Tactical Service Oriented Architectures . . . 37 Vasileios Gkioulos and Stephen D. Wolthusen Physical Attestation and Authentication to Detect Cheating in Resource Constrained Smart Micro-grids. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 52 Pacome L. Ambassa, Stephen D. Wolthusen, Anne V.D.M. Kayem, and Christoph Meinel Decentralised Scheduling of Power Consumption in Micro-grids: Optimisation and Security . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 69 Goitom K. Weldehawaryat, Pacome L. Ambassa, Anesu M.C. Marufu, Stephen D. Wolthusen, and Anne V.D.M. Kayem Security Issues and Mitigation in Ethernet POWERLINK. . . . . . . . . . . . . . . 87 Jonathan Yung, Hervé Debar, and Louis Granboulan Secure Communication and Authentication Against Off-line Dictionary Attacks in Smart Grid Systems . . . . . . . . . . . . . . . . . . . . . . . . . 103 Yongge Wang Author Index . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 121 Invited Papers Security of Cyber-Physical Systems From Theory to Testbeds and Validation B Jose Rubio-Hernan, Juan Rodolfo-Mejias, and Joaquin Garcia-Alfaro( ) SAMOVAR, Telecom SudParis, CNRS, Universit´e Paris-Saclay, Evry, France {jose.rubio hernan,juan.mejia rojas, joaquin.garcia alfaro}@telecom-sudparis.eu Abstract. Traditional control environments connected to physical sys- tems are being upgraded with novel information and communication technologies. The resulting systems need to be adequately protected. Experimental testbeds are crucial for the study and analysis of ongo- ing threats against those resulting cyber-physical systems. The research presented in this paper discusses some actions towards the development of a replicable and affordable cyber-physical testbed for training and research. The architecture of the testbed is based on real-world com- ponents, and emulates cyber-physical scenarios commanded by SCADA (Supervisory Control And Data Acquisition) technologies. We focus on two representative protocols, Modbus and DNP3. The paper reports as well the development of some adversarial scenarios, in order to evalu- ate the testbed under cyber-physical threat situations. Some detection strategies are evaluated using our proposed testbed. 1 Introduction Traditional control systems are evolving in an effort to reduce complexity and cost. These systems are converging into using a shared network layer, enabling interconnectivitybetweendifferentmanufacturers.Despitealltheevidentadvan- tagesofjoiningthecommunicationlayerinasharednetwork,thisevolutionalso opens the door to the emergence of sophisticated cyber-threats [6,13]. These threats need to be assessed to offer novel countermeasures to minimize the risk when using shared communication layers. Critical services infrastructures, such as water management, transportation of electricity, rail and air traffic control, belong to systems nowadays coined as Cyber-Physical Systems (CPSs). The impact of any security breach to these environments can affect the physical integrity of individuals in contact to those systems. Even basic threats such as replay cyber-physical attacks [22] could potentially cause significant damages if attack detection is not properly under- taken. Within this scope, our goal is to put in practice solutions of theoretical nature, modeled and implemented under realistic scenarios, in order to ana- lyze their effectiveness against intentional attacks. More precisely, we assume cyber-physical environments operated by SCADA (Supervisory Control And Data Acquisition) technologies and industrial control protocols. We focus on two representative protocols, which are widely used in the industry: Modbus (cid:2)c SpringerInternationalPublishingAG2017 N.Cuppens-Boulahiaetal.(Eds.):CyberICPS2016,LNCS10166,pp.3–18,2017. DOI:10.1007/978-3-319-61437-31

See more

The list of books you might like

Most books are stored in the elastic cloud where traffic is expensive. For this reason, we have a limit on daily download.