Paper Info
Title
A Software-Defined Security Approach For Securing Field Zones In Industrial Control Systems
Abstract
Industrial control systems (ICSs) are facing increasingly severe security threats. Zone isolation, a commonly adopted idea for stopping attack propagation in general information systems, has been investigated for ICS security protection. It is usually implemented through perimeter security techniques. However, anomaly states of the physical processes in a compromised field zone may spread into other zones through the inter-zone information interaction. Due to the coupling of the physical processes between different zones, it is difficult to prevent the propagation of attack impact in ICSs. In this paper, a software-defined security (SDSec) approach is presented to address this problem. It consists of a hybrid anomaly detection module and a multi-level security response module, both of which work together to secure the ICS field zones. The hybrid anomaly detection module inspects anomaly behaviors from the perspectives of network communications and physical process states. The multi-level security response module helps prevent unapproved packets from communications, thus isolating any compromised zone. It also generates attack mitigation strategies to secure physical processes. Hardware-in-the-loop simulations are conducted to demonstrate the effectiveness of the presented approach.
Year
DOI
Venue
2019
10.1109/ACCESS.2019.2924800
IEEE ACCESS
Keywords
DocType
Volume
Industrial control system, zone protection, software-defined security (SDSec), attack mitigation, anomaly detection
Journal
7
ISSN
Citations 
PageRank 
2169-3536
0
0.34
References 
Authors
0
4
Name
Order
Citations
PageRank
Jun Yang1332.84
Chunjie Zhou27920.11
Yu-Chu Tian355059.35
Shuanghua Yang437746.40