Page 89 - RAC_CIAW_ a_I_n_01_2021.pdf
P. 89
plant life. If a modification is needed, it means that CONCLUSIONS
the controller programs has been redesigned and, hen-
ce the plant is undergoing maintenance or revamping This paper proposes a novel design capable of op-
procedures. Such situation is currently exploited by timizing a data loss attack recently reported in the lite-
some security systems to detect threats: they analyze rature [7], which was proven to be feasible in currently
unjustified variations of network traffic levels [15]. used RTE-based ICSs.
The soft computing strategy used to produce such
Hence, attackers, which want to remain stealth as
long as possible, have to keep their traffic footprint accurate and optimized attack showed to be effective,
as low as possible, below “attention” thresholds. In especially in the case of the BSA-based attack. The re-
other words, the less extra frames the attack creates sults show that the proposed approach can reduce the
the lower are the chances to be discovered. Note that number of dropped frames in 13.85% and still produ-
the attack to PROFINET shown in [7] is based on the ce the same harmful effect on the plant as the original
injection/duplicate of some selected frames to cause attack. It increases the attack efficiency and stealthi-
data loss. So, we can state that the approach herein ness due to the fewer attacker interventions (e.g. injec-
proposed increases the attack efficiency, due to the tion of frames [7]) needed to impair the ICS. For future
fewer frames needed to cause the same effects on the work, we intend to investigate mechanisms capable of
controlled system. detecting the attack, even with the lower level of chan-
ges that it produces in the network traffic.
REFERENCES
[1] Ma, H., Tang, G. Y., e Ding, X. Q. Modified-transformation-based networked controller for offshore
platforms under multiple outloads. Ocean Engineering, Elsevier, vol. 190, 106392, pp. 1-11, 2019.
[2] Dasgupta, S., et al. Stability of networked control system (NCS) with discrete time-driven pid controllers.
Control Engineering Practice, 42:41–49, 2015.
[3] Smith, R. Covert misappropriation of networked control systems: Presenting a feedback structure. Con-
trol Systems,IEEE,35(1):82-92, 2015.
[4] T. Alladi, V. Chamola, and S. Zeadally “Industrial control systems: Cyberattack trends and countermea-
sures.” Computer Communications, 2020, 155 , p 1-8.
[5] S. McLaughlin, C. Konstantinou, X. Wang, L. Davi, A.-R. Sadeghi, M.
Maniatakos, and R. Karri, “The cybersecurity landscape in industrial control systems,” Proceedings of the
IEEE, vol. 104, no. 5, pp. 1039– 1057, 2016.
[6] Collantes, M. Herrero; Padilla, A. López. Protocols and network security in ICS infrastructures. Tech.
Rep., 2015.
[7] P. Ferrari, et. al., “Model-Based Stealth Attack to Networked Control System Based on Real-Time Ether-
net,” in IEEE Transactions on Industrial Electronics, 2020.
[8] Yung J., Debar H., Granboulan L. “Security Issues and Mitigation in Ethernet POWERLINK”, in Cy-
berICPS 2016 Security of Industrial Control Systems and Cyber-Physical Systems, Lecture Notes in Computer
Science, vol 10166. Springer, 2017.
[9] A. Granat, H. Höfken, and M. Schuba, “Intrusion Detection of the ICS Protocol EtherCAT”, 2nd In-
ternational Conference on Computer, Network Security and Communication Engineering, pp.113–117, 2017.
[10] A. P. Mathur, N. O. Tippenhauer, “SWaT: a water treatment testbed for research and training on ICS
security,” IEEE Int. Workshop on Cyberphysical Systems for Smart Water Networks, pp. 31-36, 2016.
CIAW – EFICIÊNCIA, CULTURA E TRADIÇÃO 89
