A holistic cyber-protection approach for industrial control systems based on systems theory : cyber security in ICSs

• Main Author: Spyridopoulos, Theodoros
• Format: Dissertation
• Language: English
• Published: University of Bristol 2016

Being the cornerstone of today's Industry, Industrial Control Systems (ICSs) play an important role in the overall function and quality of modern society. Their use to control critical processes within the Industry (power production, transportation, manufacturing etc.) makes them an integral part of the Critical National Infrastructure (CNI), as defined by the European Council (2008), rendering thereby their protection a process of critical importance. Traditionally, ICSs have been operated as closed, isolated systems. However, the connection of contemporary ICS installations with external networks, including the corporate network and the Internet, along with the introduction of conventional off-the-self technologies, has exposed the once isolated systems to a rapidly evolving yet new to them cyberthreat landscape. Their critical nature further complicates the situation making them an attractive target for various attack vectors and threat agents. Traditional cyber-security methods seem inadequate since they are tailored to the specific corporate needs ignoring the demanding nature of ICSs. Nevertheless, due to the increased cost of designing and applying new cyber-protection methods, the majority of cyber-security solutions used nowadays in the Industry are mainly adaptations of traditional corporate-oriented methods (Giannopoulos et aI., 2012), raising thus significant challenges that the research community has to address. This thesis presents novel cyber-security approaches, tailored to the particular nature of ICSs. The developed methods take into account both the increased cybersecurity needs in this critical area and the related costs, offering optimal cost efficient cyber-security solutions. Stafford Beer's Viable System Model (VSM) was used as a vehicle to analyse the behaviour of ICSs and identify the areas where cost-efficient cyber-protection methods are in need (Stafford, 1984). Driving the research into those areas a series of cyber-protection methods were developed using system theory-base.d techniques such as game theory and system dynamics. Those methods include a cost-efficient cyber-security model against the malware spread within ICSs and a cost-efficient model for the protection against Denial of Service (DoS)/ Distributed Denial of Service (DDoS) attacks. Building on the same premises a novel ICS-oriented cyber-security risk management method was developed based on the Viable System Model and game theory. i