Securing Industrial Control Systems

  • Marina Krotofil
  • Klaus Kursawe
  • Dieter Gollmann
Part of the Advanced Sciences and Technologies for Security Applications book series (ASTSA)


We propose controllability, observability, and operability as the core security objectives of a control system, whilst the much-used triad of confidentiality, integrity, and availability captures the security requirements on IT infrastructures. We discuss how the deployment of IT in industrial control systems has changed the attack surface, how this invalidates assumptions about independent failure modes crucial in safety design, and explain why stronger IT infrastructure security does not necessarily imply better ICS security. We show how process physics can be used to carry attack payloads and thus become an instrument for the attacker, and argue that ICS security standards should expand their scope to the physical processes layer.


ICS security, IIoT, Controllability, Observability, Operability, Integrity, Veracity, Safety



Copyright information

© Springer Nature Switzerland AG 2019

Authors and Affiliations

  • Marina Krotofil (1)
  • Klaus Kursawe (2)
  • Dieter Gollmann (1, 3)

  1. Security in Distributed Applications, Hamburg University of Technology, Hamburg, Germany
  2. GridSEC, The Hague, The Netherlands
  3. SCSE, Nanyang Technological University, Singapore, Singapore
