SONICS: A Segmentation Method for Integrated ICS and Corporate System

Abstract

Integrating Industrial Control Systems (ICS) with Corporate System (IT) is one of the most important industrial orientations. With recent cybersecurity attacks, the security of integrated ICS systems has become the priority of industrial world. Defense-in-depth is one of the most important security measures that should be applied to integrated ICS systems. This security technique consists essentially of “Segmentation” and “Segregation”. Segmentation of an integrated ICS may be based on various types of characteristics such as functional characteristics, business impact, risk levels or other requirements defined by the organization. Although the research conducted so far on this subject has suggested some segmentation solutions, these solutions are unfortunately not generic enough and do not take sufficient account of all the specificities of integrated ICS systems such as their technical and functional heterogeneity. This paper presents SONICS (Segmentation On iNtegrated ICS systems) a new segmentation method that aims to simplify security zones identification by focusing on systems characteristics that are really relevant for segmentation.