The Problem of Selecting APCS’ Information Security Tools

  • Andrew S. RimshaEmail author
  • Konstantin S. Rimsha
Part of the Studies in Systems, Decision and Control book series (SSDC, volume 260)


This article discusses the problem of selecting information security tools for one of the varieties of cyber-physical systems—automated process control systems. The study of several classes of solutions was conducted, considering their application in automated systems. Based on the formed criteria, a comparison was made; as a result, a tool was determined according to its characteristics that most met the criteria. Requirements were formed for popular existing solutions of this class, considering the specific features of providing information security systems for automated process control systems. None of the solutions fully met the specified requirements, therefore, a methodology was proposed that would solve this problem.


Cyber-physical systems Automated process control systems Threat modeling tools Risk assessment 


  1. 1.
    Zegzhda, D., Poltavtseva, M., Lavrova, D.: Systematization and security assessment of cyber-physical systems. Autom. Control Comput. Sci. 51(8), 835–843 (2017). Scholar
  2. 2.
    Alguliyev, R., Imamverdiyev, Y., Sukhostat, L.: Cyber-physical systems and their security issues. Comput. Ind. 100, 212–223 (2018). Scholar
  3. 3.
    Zegzhda, D., Stepanova, T.: Approach to APCS protection from cyber threats. Autom. Control Comput. Sci. 49(8), 659–664 (2015). Scholar
  4. 4.
    Huang, S., Zhou, C.J., Yang, S.H., Qin, Y.Q.: Cyber-physical system security for networked industrial processes. Int. J. Autom. Comput. 12(6), 567–578. (2015)
  5. 5.
    Okhravi, H., Sheldon, F., Haines, J.: Data diodes in support of trustworthy cyber infrastructure and net-centric cyber decision support. In: Pappu, V., Carvalho, M., Pardalos, P. (eds.) Optimization and Security Challenges in Smart Power Grids. Energy Systems. Springer, Berlin, Heidelberg (2013).
  6. 6.
    Oman, P., Phillips, M.: Intrusion detection and event monitoring in SCADA networks. In: Goetz, E., Shenoi, S. (eds.) Critical Infrastructure Protection. ICCIP 2007. IFIP International Federation for Information Processing, vol. 253. Springer, Boston, MA (2008).
  7. 7.
    Parry, J., Hunter, D., Radke, K., Fidge, C.: A network forensics tool for precise data packet capture and replay in cyber-physical systems. In: Proceedings of the Australasian Computer Science Week Multiconference, No. 22 (2016).
  8. 8.
    Coppolino, L., D’Antonio, S., Formicola, V., Romano, L.: Enhancing SIEM technology to protect critical infrastructures. In: Hämmerli, B.M., Kalstad Svendsen, N., Lopez, J. (eds.) Critical Information Infrastructures Security. Lecture Notes in Computer Science, vol. 7722. Springer, Berlin, Heidelberg (2013).
  9. 9.
    Samtani, S., Yu, S., Zhu, H., Patton, M., Chen, H.: Identifying SCADA vulnerabilities using passive and active vulnerability assessment techniques. In: IEEE Conference on Intelligence and Security Informatics (ISI), pp. 25–30 (2016).
  10. 10.
    Paté‐Cornell, M.E., Kuypers, M., Smith, M., Keller, P.: Cyber risk management for critical infrastructure: a risk analysis model and three case studies. Risk Anal. 38(2), 226–241 (2017).
  11. 11.
    Kerzhner, A.A., Tan, K., Fosse, E.: Analyzing cyber security threats on cyber-physical systems using Model-Based Systems Engineering. In: AIAA SPACE 2015 Conference and Exposition (2015).
  12. 12.
    Al-Mohannadi, H., Mirza, Q., Namanya, A., Awan, I., Cullen, A., Disso, J., Cyber-attack modeling analysis techniques: an overview. In: 2016 IEEE 4th International Conference on Future Internet of Things and Cloud Workshops (FiCloudW), pp. 69–76 (2016).
  13. 13.
    Yang, Y., Lu, J., Choo, K.K.R., Liu, J.K.: On lightweight security enforcement in cyber-physical systems. In: Güneysu, T., Leander, G., Moradi, A. (eds.) Lightweight Cryptography for Security and Privacy. LightSec 2015. Lecture Notes in Computer Science, vol. 9542. Springer, Cham (2016).
  14. 14.
    Xie, F., Peng, Y., Zhao, W., Gao, Y., Han, X.: Evaluating industrial control devices security: standards, technologies and challenges. In: Saeed, K., Snášel, V. (eds.) Computer Information Systems and Industrial Management. CISIM 2015. Lecture Notes in Computer Science, vol. 8838. Springer, Berlin, Heidelberg (2014).
  15. 15.
    Cherdantseva, Y., Burnap, P., Blyth, A., Eden, P., Jones, K., Soulsby, H., Stoddart, K.: A review of cyber security risk assessment methods for SCADA systems. Comput. Secur. 56, 1–27 (2016). Scholar
  16. 16.
    Kalashnikov, A., Sakrutina, E.: The model of evaluating the risk potential for critical infrastructure plants of nuclear power plants. In: Eleventh International Conference “Management of Largescale System Development”, Moscow (2018).
  17. 17.
    Singhal, A., Ou, X.: Security risk analysis of enterprise networks using probabilistic attack graphs. In: Network Security Metrics. Springer, Cham (2017).
  18. 18.
    Rimsha, A., Zakharov, A.: Method for risk assessment of industrial networks’ information security of gas producing enterprise. In: Global Smart Industry Conference (GloSIC), Chelyabinsk (2018).
  19. 19.
    Sadeghi, A., Wachsmann, C., Waidner, M.: Security and privacy challenges in industrial internet of things. In: 2015, 52nd ACM/EDAC/IEEE Design Automation Conference (DAC), pp. 1-6 (2015).
  20. 20.
    Doynikova, E., Chechulin, A., Kotenko, I.: Analytical at-tack modeling and security assessment based on the common vulnerability scoring system. In: 20th Conference of Open Innovations Association (FRUCT), St. Petersburg, pp. 53–61 (2017).
  21. 21.
    McCormac, A., Zwaans, T., Parsons, K., Calic, D., Bu-tavicius, M., Pattinson, M.: Individual differences and information security awareness. Comput. Hum. Behav. 69, 151–156 (2017). Scholar
  22. 22.
    Colombo, A.W., Karnouskos, S., Bangemann, T.: Towards the next generation of industrial cyber-physical systems. In: Colombo, A., et al. (eds.) Industrial Cloud-Based Cyber-Physical Systems. Springer, Cham (2014).

Copyright information

© Springer Nature Switzerland AG 2020

Authors and Affiliations

  1. 1.Tyumen State UniversityTyumenRussia

Personalised recommendations