Improving the cyber resilience of industrial control systems

Andrew Chaves, Mason Rice, Stephen Dunlap, John Pecarina

Research output: Contribution to journalArticlepeer-review

23 Scopus citations

Abstract

Industrial control systems are designed to be resilient, capable of recovering from process faults and failures with limited impact on operations. Current industrial control system resilience strategies use redundant programmable logic controllers. However, these redundant programmable logic controllers, which typically are the same or similar makes and models as the primary controllers, can be exploited by the same cyber attacks that target the primary controllers. This paper proposes a resilience strategy for industrial control systems that employs an active defense technique to reduce, if not eliminate, the likelihood of a common cause failure induced by a cyber attack. The active defense implementation is compared with a traditional industrial control system resilience implementation using a semi-simulated wastewater treatment system that was exposed to cyber attacks. The results demonstrate that the active defense implementation is very effective in the aftermath of a cyber attack whereas the traditional resilience implementation gives rise to a system disruption.

Original languageEnglish
Pages (from-to)30-48
Number of pages19
JournalInternational Journal of Critical Infrastructure Protection
Volume17
DOIs
StatePublished - Jun 2017
Externally publishedYes

Funding

This research was partially supported by the U.S. Department of Homeland Security Industrial Control Systems Cyber Emergency Response Team (ICS-CERT).

FundersFunder number
U.S. Department of Homeland Security

    Keywords

    • Active Defense
    • Common Cause Failure
    • Cyber Resilience
    • Industrial Control Systems
    • Wastewater Treatment System

    Fingerprint

    Dive into the research topics of 'Improving the cyber resilience of industrial control systems'. Together they form a unique fingerprint.

    Cite this