A Study on Mitigation Techniques for SCADA-Driven Cyber-Physical Systems (Position Paper)
Cyber-physical systems (CPSs) integrate programmable computing and communication capabilities to traditional physical environments. The use of SCADA (Supervisory Control And Data Acquisition) technologies to build such a new generation of CPSs plays an important role in current critical national-wide infrastructures. SCADA-driven CPSs can be disrupted by cyber-physical attacks, putting at risk human safety, environmental regulation and industrial work. In this paper, we address the aforementioned issues and provide a discussion on the mitigation techniques that aim to optimize the recovery response when a SCADA-driven CPS is under attack. Our discussion paves the way for novel cyber resilience techniques, focusing on the programmable computing and communication capabilities of CPSs, towards new research directions to tolerate cyber-physical attacks.
The authors acknowledge support from the Cyber CNI chair of the Institut Mines-Télécom. The chair is supported by Airbus Defence and Space, Amossys, EDF, Orange, La Poste, Nokia, Société Générale and the Regional Council of Brittany. The chair has been acknowledged by the Center of excellence in Cybersecurity. The authors also acknowledge support from the European Commission, in the framework of the H2020 SPARTA project, under grant agreement 830892.
- 1.Security considerations for reflection: https://docs.microsoft.com/en-us/dotnet/framework/reflection-and-codedom/security-considerations-for-reflection. Accessed 23 Aug 2018
- 2.Cavalli, A.R., Ortiz, A.M., Ouffoué, G., Sanchez, C.A., Zaïdi, F.: Design of a secure shield for internet and web-based services using software reflection. In: Jin, H., Wang, Q., Zhang, L.-J. (eds.) ICWS 2018. LNCS, vol. 10966, pp. 472–486. Springer, Cham (2018). https://doi.org/10.1007/978-3-319-94289-6_30CrossRefGoogle Scholar
- 3.Cómbita, L.F., Giraldo, J., Cárdenas, A.A., Quijano, N.: Response and reconfiguration of cyber-physical control systems: a survey. In: 2015 IEEE 2nd Colombian Conference on Automatic Control (CCAC), pp. 1–6. IEEE (2015)Google Scholar
- 4.Kim, C.: Cyber-resilient industrial control system with diversified architecture and bus monitoring. In: 2016 World Congress on Industrial Control Systems Security (WCICSS), pp. 1–6. IEEE (2016)Google Scholar
- 5.Oracle, J.D.: The reflection API. https://docs.oracle.com/javase/tutorial/reflect/. Accessed 23 Aug 2018
- 6.Ouffoué, G., Zaidi, F., Cavalli, A.R., Lallali, M.: How web services can be tolerant to intruders through diversification. In: 2017 IEEE International Conference on Web Services (ICWS), pp. 436–443. IEEE (2017)Google Scholar
- 7.Ouffoué, G., Zaidi, F., Cavalli, A.R., Lallali, M.: Model-based attack tolerance. In: 2017 31st International Conference on Advanced Information Networking and Applications Workshops (WAINA), pp. 68–73. IEEE (2017)Google Scholar
- 10.Rubio-Hernan, J., De Cicco, L., Garcia-Alfaro, J.: Revisiting a watermark-based detection scheme to handle cyber-physical attacks. In: 2016 11th International Conference on Availability, Reliability and Security (ARES), pp. 21–28. IEEE (2016)Google Scholar
- 14.Sousa, P., Bessani, A.N., Correia, M., Neves, N.F., Verissimo, P.: Resilient intrusion tolerance through proactive and reactive recovery. In: 13th Pacific Rim International Symposium on Dependable Computing (PRDC 2007), pp. 373–380 (2007)Google Scholar
- 15.Teruel, C., Ducasse, S., Cassou, D., Denker, M.: Access control to reflection with object ownership. In: Proceedings of the 11th Symposium on Dynamic Languages, DLS 2015, pp. 168–176. ACM, New York (2015)Google Scholar