Abstract
“Cyber Security And Resilience Of Industrial Control Systems And Critical Infrastructures”, written by Maurizio Martellini, Sandro Bologna and Alessandro Fasani, it’s a natural follow-up of the previous paper and describes what Industrial Control Systems are, provides an analysis on what are the main vulnerabilities affecting ICS and describes the principal methodologies for attacking them. Then, the paper defines what measures could be taken in order to make ICS and Critical Infrastructures resilient. The document ends outlining what international measures are being taken in order to protect critical infrastructure and their systems.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Bibliography
B. Abolghasem, IAEA Report: The growing resilience of Iran’s nuclear program (Foreign Policy J., 2012), http://www.foreignpolicyjournal.com/2012/02/27/iaea-report-the-growing-resilience-of-irans-nuclear-program/. Accessed 5 May 2013
M. Ahlers, Inside a government computer attack exercise (CNN, 2011), http://edition.cnn.com/2011/10/17/tech/innovation/cyberattack-exercise-idaho/index.html. Accessed 5 May 2013
A. Klimburg (ed.), National cyber security framework manual (NATO CCD COE publication, 2012), http://www.ccdcoe.org/publications/books/NationalCyberSecurityFrameworkManual.pdf. Accessed 5 May 2013
C. Ashton, Press conference on the launch of the EU’s cyber security strategy (2013), http://www.consilium.europa.eu/uedocs/cms_Data/docs/pressdata/EN/foraff/135287.pdf. Accessed 5 May 2013
C. Malmström, Stepping up the fight against cybercriminals to secure a free and open internet (Press conference on the launch of the EU’s cyber security strategy, 2013), http://europa.eu/rapid/press-release_SPEECH-13-105_en.htm. Accessed 5 May 2013
G. Chazan, Cyber saboteurs stalk the oil industry (Financial Times, 2013), http://www.ft.com/cms/s/0/989aa68c-692e-11e2-b254-00144feab49a.html#axzz2Y5HyNmEC. Accessed 5 May 2013
European Commission, Proposal for a regulation of the European parliament and of the council establishing horizon 2020—The framework programme for research and innovation (2014–2020) (European Commission, 2011), http://ec.europa.eu/research/horizon2020/pdf/proposals/com(2011)_809_final.pdf. Accessed on 5 May 2013
European Commission, Cybersecurity strategy of the European Union: an open, safe and secure cyberspace (Euopean Commission, 2013), http://ec.europa.eu/dgs/home-affairs/e-library/documents/policies/organized-crime-and-human-trafficking/cybercrime/docs/join_2013_1_en.pdf. Accessed 5 May 2013
D. Goldman, Hacker hits on U.S. power and nuclear targets spiked in 2012 (CNN, 2013), http://money.cnn.com/2013/01/09/technology/security/infrastructure-cyberattacks/index.html. Accessed 5 May 2013
G. Gritsai et al., Scada safety in numbers. Positive technologies ed. (2013), http://www.ptsecurity.com/download/SCADA_analytics_english.pdf. Accessed 5 May 2013
Idaho National Laboratories, Vulnerability analysis of energy delivery control systems (US DOE publication, 2011), http://energy.gov/sites/prod/files/Vulnerability%20Analysis%20of%20Energy%20Delivery%20Control%20Systems%202011.pdf. Accessed 5 May 2013
N. Kroes, Using cybersecurity to promote European values. Press conference on the launch of the EU’s cyber security strategy (2013), http://europa.eu/rapid/press-release_SPEECH-13-104_en.htm. Accessed May 5 2013
NERC, Cyber attack task force final report (NERC, 2012), http://www.nerc.com/docs/cip/catf/12-CATF_Final_Report_BOT_clean_Mar_26_2012-Board%20Accepted%200521.pdf. Accessed 5 May 2013
Newsroom, Iran ‘fends off new Stuxnet cyber attack (BBC, 2012), http://www.bbc.co.uk/news/world-middle-east-20842113. Accessed 5 May 2013
B. Obama, Improving critical infrastructure cybersecurity—executive order (White House press office, 2013), http://www.whitehouse.gov/the-press-office/2013/02/12/executive-order-improving-critical-infrastructure-cybersecurity. Accessed 5 May 2013
P. Paganini, The importance of security requirements in design of SCADA systems (PenTest auditing and standards, 2012:06)
D. Sanger, Obama order sped up wave of cyberattacks against Iran (The New York Times, 2012), http://www.nytimes.com/2012/06/01/world/middleeast/obama-ordered-wave-of-cyberattacks-against-iran.html?pagewanted=all&_r=0. Accessed 5 May 2013
SHODAN Search Engine (2009), http://www.shodanhq.com/. Accessed 5 May 2013
US Department of Homeland Security: Common cybersecurity vulnerabilities in industrial control systems (2011), http://ics-cert.us-cert.gov/sites/default/files/DHS_Common_Cybersecurity_Vulnerabilities_ICS_2010.pdf. Accessed 5 May 2013
US Department of Homeland Security: ICS–CERT incident response summary report 2009–2011 (2011), http://scadahacker.com/library/Documents/ICS_Events/ICS-CERT%20Incident%20Response%20Summary%20Report.pdf. Accessed 5 May 2013
US Department of Homeland Security: ICS–CERT monthly monitor Oct–Dec 2012 (2011), http://ics-cert.us-cert.gov/pdf/ICS-CERT_Monthly_Monitor_Oct-Dec2012.pdf. Accessed 5 May 2013
US National Communication Systems: Technical information bulletin 04-1, supervisory control and data acquisition (SCADA) systems (2004), http://www.ncs.gov/library/tech_bulletins/2004/tib_04-1.pdf. Accessed 5 May 2013
N. Weinstein, Stuxnet attacks Iran again, reports say (CNET, 2012), http://news.cnet.com/8301-1009_3-57560799-83/stuxnet-attacks-iran-again-reports-say/. Accessed 5 May 2013
J. Weiss, Assuring industrial control system (ICS) cyber security. CSIS ed. (2008), http://csis.org/files/media/csis/pubs/080825_cyber.pdf. Accessed 5 May 2013
K. Zetter, Vulnerability lets hackers control building locks, electricity, elevators and more (Wired US, 2013), http://www.wired.com/threatlevel/2013/02/tridium-niagara-zero-day/?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%253A+wired27b+%2528Wired%253A+Blog+-+Threat+Level%2529. Accessed on 5 May 2013
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2013 The Author(s)
About this chapter
Cite this chapter
Bologna, S., Fasani, A., Martellini, M. (2013). Cyber Security and Resilience of Industrial Control Systems and Critical Infrastructures. In: Martellini, M. (eds) Cyber Security. SpringerBriefs in Computer Science. Springer, Cham. https://doi.org/10.1007/978-3-319-02279-6_6
Download citation
DOI: https://doi.org/10.1007/978-3-319-02279-6_6
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-02278-9
Online ISBN: 978-3-319-02279-6
eBook Packages: Computer ScienceComputer Science (R0)