Skip to main content
SpringerLink
Log in
Book cover

International Conference on Computer Safety, Reliability, and Security

SAFECOMP 2014: Computer Safety, Reliability, and Security pp 7–15Cite as

Cyber (In-)security of Industrial Control Systems: A Societal Challenge

  • Conference paper
  • First Online:

Part of the book series: Lecture Notes in Computer Science ((LNPSE,volume 9337))

Abstract

Our society and its citizens increasingly depend on the undisturbed functioning of critical infrastructures (CI), their products and services. Many of the CI services as well as other organizations use Industrial Control Systems (ICS) to monitor and control their mission-critical processes. Therefore, it is crucial that the functioning of ICS is well protected inter alia against cyber threats. The cyber threat areas to ICS comprise the lack of proper governance as well as cyber security aspects related to organizational, system and network management, technology and technical issues. Moreover, newer functionality entering organizations is often controlled by embedded ICS which hide itself from those that are responsible for cyber security. The immature cyber security posture of ICS and their connectivity with public networks pose a major risk to society. This article explores the threats, provide some examples of cyber incidents with ICS, and will discuss the ICS security challenges to our societies.

This is a preview of subscription content, log in via an institution.

Chapter
USD   29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD   39.99
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD   54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Learn about institutional subscriptions

References

  1. Bruce, R., Dynes, S., Brechbuhl, H., Brown, B., Goetz, E., Verhoest, P., Luiijf, E., Helmus, S.: International Policy Framework for Protecting Critical Information Infrastructure: A Discussion Paper Outlining Key Policy Issues, TNO report 33680, TNO, The Netherlands and Tuck School of Business/Center for Digital Strategies at Dartmouth, USA (2005). http://www.ists.dartmouth.edu/library/158.pdf

  2. CIPediaMain Page. http://www.cipedia.eu

  3. EC: European Council Directive 2008/114/EC of 8 December 2008 on the identification and designation of European critical infrastructures and the assessment of the need to improve their protection, OJ 2008 L 345/77, Brussels, Belgium (2008). http://eur-lex.europa.eu/LexUriServ/LexUriServ.do?uri=OJ:L:2008:345:0075:0082:EN:PDF

  4. EC: Joint Communication to the European Parliament, the Council, the European Economic and Social Committee and the Committee of the Regions - Cybersecurity Strategy of the European Union: An Open, Safe and Secure Cyberspace, Brussels, Belgium (2013). http://ec.europa.eu/dgs/home-affairs/e-library/documents/policies/organized-crime-and-human-trafficking/cybercrime/docs/join_2013_1_en.pdf

  5. ICS-CERT. https://ics-cert.us-cert.gov

  6. Luiijf, E.: Why are we so unconsciously insecure? Int. J. Crit. Infrastruct. Prot. 6(3–4), 179–181 (2013). doi:10.1016/j.ijcip.2013.10.003. http://www.sciencedirect.com/science/article/pii/S1874548213000486

    Article  Google Scholar 

  7. Luiijf, E., Kernkamp, A.: Sharing Cyber Security Information. TNO, The Hague (2015). http://www.tno.nl/info-share

    Book  Google Scholar 

  8. Luiijf, E., te Paske, B.J.: Cyber Security of Industrial Control Systems. TNO, The Hague (2015). http://www.tno.nl/ICS-security

    Google Scholar 

  9. Lüders, S.: Control Systems under attack? In: 10th ICALEPCS Int. Conf. on Accelerator and Large Expt. Physics Control Systems, CERN, Geneva (2005). https://accelconf.web.cern.ch/accelconf/ica05/proceedings/pdf/O5_008.pdf

  10. Oosterink, M.: Security of legacy process control systems: moving towards secure process control systems (whitepaper). CPNI.NL, The Hague, Netherlands (2012). http://publications.tno.nl/publication/102819/5psRPC/oosterlink-2012-security.pdf

  11. Radvanosky, R., Brodsky, J.: Project Shine (SHodan INtelligence Extraction) Findings Report (2014). http://www.slideshare.net/BobRadvanovsky/project-shine-findings-report-dated-1oct2014

  12. Russel, J.: A Brief History of SCADA/EMS (2015). http://scadahistory.com/

  13. Shodan search engine. http://www.shodanhq.com

  14. World Economic Forum: Risk and Responsibility in a Hyperconnected World (WEF principles), Geneva, Switzerland (2014). http://www.weforum.org/reports/risk-and-responsibility-hyperconnected-world-pathways-global-cyber-resilience

Download references

Author information

Authors and Affiliations

  1. Netherlands Organisation for Applied Scientific Research TNO, P.O. Box 96864, The Hague, The Netherlands

    Eric Luiijf

Authors
  1. Eric Luiijf
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Eric Luiijf .

Editor information

Editors and Affiliations

  1. University of Technology, Delft, The Netherlands

    Floor Koornneef

  2. University of Huddersfield, Huddersfield, United Kingdom

    Coen van Gulijk

Rights and permissions

Reprints and permissions

Copyright information

© 2015 Springer International Publishing Switzerland

About this paper

Cite this paper

Luiijf, E. (2015). Cyber (In-)security of Industrial Control Systems: A Societal Challenge. In: Koornneef, F., van Gulijk, C. (eds) Computer Safety, Reliability, and Security. SAFECOMP 2014. Lecture Notes in Computer Science(), vol 9337. Springer, Cham. https://doi.org/10.1007/978-3-319-24255-2_2

Download citation

  • DOI: https://doi.org/10.1007/978-3-319-24255-2_2

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-319-24254-5

  • Online ISBN: 978-3-319-24255-2

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation