CONTROL SYSTEM CYBER-SECURITY
Thread Rating:
  • 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
project report tiger
Active In SP
**

Posts: 1,062
Joined: Feb 2010
#1
01-03-2010, 12:04 AM


Abstract

Over the last few years modern accelerator and experiment control systems have increasingly been based on commercial-off-the-shelf products (VME crates, PLCs, SCADA systems, etc.), on Windows or Linux PCs, and on communication infrastructures using Ethernet and TCP/IP. Despite the benefits coming with this ®evolution, new vulnerabilities are inherited, too: Worms and viruses spread within seconds via the Ethernet cable, and attackers are becoming interested in control systems. Unfortunately, control PCs cannot be patched as fast as office PCs. Even worse, vulnerability scans at CERN using standard IT tools have shown that commercial automation systems lack fundamental security precautions: Some systems crashed during the scan, others could easily be stopped or their process data be altered . The (CS)2/HEP workshop [2] held the weekend before ICALEPCS2007 was intended to present, share, and discuss countermeasures deployed in HEP laboratories in order to secure control systems. This presentation will give a summary of the solutions planned, deployed and the experience gained.

Presented By
S. Lüders*, CERN, Geneva, Switzerland


INTRODUCTION
The enormous growth of the worldwide interconnectivity of computing devices (the Internet) during the last decade offers computer users new means to share and distribute information and data. In industry, this results in an adoption of modern Information Technologies (IT) to their plants and, subsequently, in an increasing integration of the production facilities, i.e. their process control and automation systems, and the data warehouses. Thus, information from the factory floor is now directly available at the management level (From Shop-Floor to Top-Floor) and can be manipulated from there. However, with a thorough inter-connection of business and controls network, the risk of suffering from a security breach in distributed process control and automation systems# increases. This risk can be expressed as in the following formula: Risk = Threat × Vulnerability × Consequence The different factors are explained in the following. Threats This interconnected world is by far more hostile than a local private controls network. The number of potential threats increases as worms and viruses can now easily propagate to control systems and attackers start to become interested in control systems too. Additional threats can be operators or engineers who download configuration data to the wrong device, or broken controls devices that flood the controls network and, thus, bring it to a halt. The major part of the factor threat originates from outside and cannot be significantly reduced. Thus, protective measures have to be implemented to prevent external threats penetrating control systems. These protective measures should also prevent insiders from (deliberate or accidental) unauthorized access.

Vulnerabilities
The adoption of standard modern IT in control systems also exposes their inherent vulnerabilities to the world. Programmable Logic Controllers (PLCs) and other controls devices (even valves or temperature sensors) are nowadays directly connected to Ethernet, but often completely lack security protections [1]. Control PCs are based on Linux and Microsoft Windows operating systems, where the latter is not designed for control systems but for office usage. Even worse, control PCs can not be patched that easily, as this has to be scheduled beforehand. In addition, controls applications may either not be compliant with a particular patch or software licenses to run controls applications may become invalid. Finally, using emailing or web servers has become normal on control systems today; even web cameras and laptops can now be part of them. The vulnerability factor can either be minimized by guaranteeing a prompt fix of published or known vulnerabilities, and/or by adding pro-active measures to secure the unknown, potential or not-fixable vulnerabilities.

Consequences
Within the High-Energy Physics (HEP) community, control systems are used for the operation of the large and complex accelerators and beam lines, the attached experiments, as well as for the technical infrastructure (e.g. power & electricity, cooling & ventilation). All are running a wide variety of control systems, some of them complex, some of them dealing with personnel safety, some of them controlling or protecting very expensive or irreplaceable equipment. Thus, the consequences from suffering a security incident are inherent to the design of e.g. accelerators at stake. A security incident can lead to loss of beam time and physics data, or ” even worse ” damage to, or destruction of, unique equipment and hardware.

Control System Cyber-Security in HEP
In order to cope with the growing usage of standard IT technologies in control systems, several HEP laboratories worldwide have reviewed their operation principles by taking the aspect of security into account. This paper will give a summary on the Control System Cyber-Security
Reply

Important Note..!

If you are not satisfied with above reply ,..Please

ASK HERE

So that we will collect data for you and will made reply to the request....OR try below "QUICK REPLY" box to add a reply to this page

Quick Reply
Message
Type your reply to this message here.


Image Verification
Please enter the text contained within the image into the text box below it. This process is used to prevent automated spam bots.
Image Verification
(case insensitive)

Possibly Related Threads...
Thread Author Replies Views Last Post
  electronic diesel control edc pdf jaseelati 0 332 17-02-2015, 03:09 PM
Last Post: jaseelati
  laser security system wikipedia jaseelati 0 983 01-01-2015, 04:22 PM
Last Post: jaseelati
  air force security using thumb checker jaseelati 0 344 27-12-2014, 04:01 PM
Last Post: jaseelati
  security using colors and armstrong numbers ppt jaseelati 0 270 27-12-2014, 03:33 PM
Last Post: jaseelati
  vhdl code for elevator control system jaseelati 0 258 23-12-2014, 03:27 PM
Last Post: jaseelati
  Ultrasonic Sensor Based DC Motor Control Using LabVIEW seminar class 5 5,281 05-05-2014, 10:08 AM
Last Post: seminar project topic
  TOPOLOGY CONTROL IN MOBILE AD HOC NETWORKS WITH COOPERATIVE COMMUNICATIONS seminar flower 4 2,349 24-03-2014, 04:35 PM
Last Post: seminar project topic
  AUTOMATED RATIONING SYSTEM USING EMBEDDED SYSTEM ajukrishnan 12 8,147 23-01-2014, 07:28 AM
Last Post: Guest
  ADVANCED VEHICLE SECURITY SYSTEM WITH THEFT CONTROL AND ACCIDENT NOTIFICATION seminar ideas 2 2,490 10-01-2014, 02:07 PM
Last Post: seminar project topic
  GESTURE CONTROL AND THE NEW AND INTELLIGENT MAN-MACHINE INTERFACE seminar ideas 8 5,524 15-09-2013, 01:39 PM
Last Post: Guest