Abstract

Industrial control systems (ICS) are vital for countries’ industrial facilities and critical infrastructures. However, there are not enough security assessments against cyber attacks carried out on ICS for not preventing business continuity. New attacks are being made every day against these systems. Threats and attacks against critical infrastructures must be detected for protecting human life and assets. For this reason, detection has become more important than the prevention of attacks. In this study, vulnerability and attack detection analysis was carried out on programmable logic controllers (PLCs), one of the most important components of ICS, in the testbed and a rule set was created to detect active start/stop attacks. In this case, with writing this rule table, similar attacks will be prevented without harming the critical systems. In the analysis, mirroring technique was used to prevent the detection system from imposing additional load to the existing system and affecting the operation of the system negatively. In the test environment, Siemens S-7 1200 (Firmware 2.2) PLC devices were used. Smoothsec system, which is not used in industrial systems, is used for detection and rule table. It is assessed that this novel approach will provide significant contributions to attract attention to vulnerabilities and the security analysis of industrial control systems.

Talk to us

Join us for a 30 min session where you can share your feedback and ask us any queries you have

Schedule a call

Disclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.