Page 84 - RAC_CIAW_ a_I_n_01_2021.pdf
INTRODUCTION

Industrial Control Systems (ICS) widely use operational technologies (OT) to improve the performance and management capabilities of industrial processes according to the Industry 4.0 paradigm. Thanks to OT, ICSs currently take advantage of communication networks to transmit control signals to physical plants and to collect measurements from plant sensors. This reality is found in the most diverse industrial sectors and critical infrastructures, such as offshore oil and gas systems [1], nuclear reactors [2], or water systems [3][4].

Over the years, the spread of network-based ICSs and the increasing integration of these systems with other networks (even with the Internet) has also made cybersecurity part of the agenda in the industrial sector [4]. Examples of cyberattacks on ICSs are growing and include, for instance, targets such as gas pipelines and petrochemical plants [5], nuclear plants [4][5], diesel generators [5], steel mills [4], and power grids [4]. Among the reasons for such an increasing number of cyberattacks on ICSs, an important aspect to highlight is the widespread adoption of common Information Technology (IT) protocols at all levels of their communication stacks, as well as vulnerable OT protocols on a large number of legacy devices [6][7]. Not by chance, recent studies are paying attention to the analysis of vulnerabilities and exploitation mechanisms in OT protocols and, more specifically, in Real-Time Ethernet (RTE) protocols. Cyberattacks on PROFINET, Ethernet POWERLINK, EtherCAT, and Ethernet/IP, for instance, are addressed in [7][8][9][10], respectively.

Along with these studies about vulnerabilities in OT protocols, there is also recent research demonstrating advanced strategies designed to enhance the capabilities of attacks on ICSs, providing them with high accuracy and stealthiness. In [11], the authors present a rootkit that, when implemented in a Programmable Logic Controller (PLC), performs a stealthy attack by simulating the physical model of the target system (a power grid). In [3], the author introduces a covert Man-in-the-Middle (MitM) architecture that manipulates the plant measurements to hide the evidence caused by the injection of false control signals in the ICS.

More recently, in [7], the authors propose a novel attack strategy able to learn the dynamics of the attacked system and then smartly decide which frames the attack should cause to be lost in the network to produce the desired effect on the plant. The attack feasibility is demonstrated in a real experimental setup using the PROFINET protocol and commercially available equipment. An important aspect of the data loss attack proposed in [7] is that it avoids the indiscriminate loss of frames in the ICS. Indeed, to harm the plant it causes the loss of only a few frames in the ICS, preventing the complete denial of communication and reducing the possibility of the attack being disclosed.

This paper demonstrates that the efficiency of the data loss attack proposed in [7] can be further improved. Here, the attack described in [7] is redesigned to further reduce the number of frames that the attacker needs to cause to be lost in the ICS, while producing the same accurate results achieved by its original version. The improvement is obtained through two soft computing approaches, whose performances are compared: the Backtracking Search Optimization Algorithm (BSA) [12] and Particle Swarm Optimization (PSO) [13]. It is worth mentioning that the aim of this work is not to facilitate efficient data loss attacks in ICSs. The purpose of this work is to demonstrate the degree of optimization that may be achieved in this kind of attack and, therefore, to encourage research into countermeasures to such threats.

The rest of this work is structured as follows: first, Section II briefly describes the two soft computing algorithms used to optimize the attack. Then, Section III presents the original attack design and the modification herein proposed to improve its performance. After that, Section IV presents the simulation results and discussion. Finally, Section V brings the conclusions.

SOFT COMPUTING FOR ATTACK IMPROVEMENT

Aiming at a better comprehension of the attack optimization process addressed in Section III, this section briefly describes the underlying details of the two soft computing algorithms used to develop the attack and improve its performance: PSO and BSA.

Particle Swarm Optimization

PSO is a metaheuristic that resembles the collective behavior of birds flying in flocks [13]. The basic element of this algorithm is called a particle, or individual, and represents a possible solution to the problem to be solved. Therefore, the particle swarm represents
84 REVISTA ACADÊMICA CIENTÍFICA DO CIAW