EEMCS EPrints Service
Caselli, M. (2016) Intrusion Detection in Networked Control Systems: From System Knowledge to Network Security. PhD thesis, Univ. of Twente. CTIT Ph.D. Thesis Series No. 16-401 ISBN 978-90-365-4177-0
Official URL: http://dx.doi.org/10.3990/1.9789036541770
“Networked control system” (NCS) is an umbrella term encompassing a broad variety of infrastructures such as industrial control systems (ICSs) and building automation systems (BASs). Nowadays, all these infrastructures play an important role in several aspects of our daily life, from managing essential services such as energy and water (e.g., critical infrastructures) to monitoring the increasingly smart environments that surround us (e.g., the Internet of Things). Over the years, NCS technology has progressively switched to IT digital networks and been integrated with the Internet. This has changed the way operators manage and control their infrastructures and has introduced several security threats. Skilled crackers (also known as black-hat hackers) can remotely access NCSs and change infrastructure behavior, potentially endangering human lives (e.g., causing a malfunction of a nuclear power plant). For this reason, NCS stakeholders have been facing the challenge of protecting their infrastructures against cyber-attacks and, especially, targeted attacks, namely those attacks carried out by resourceful and motivated organizations (e.g., Stuxnet). A common practice for protecting NCSs includes the use of standard IT security solutions and techniques. However, most of the time, these solutions do not fit such different environments. Furthermore, any security solution applied to NCSs should never interfere with infrastructure operations. This is particularly important when it comes to NCSs that monitor critical infrastructures and thus sensitive physical processes (e.g., energy production). Finally, most of today’s NCS security solutions still fail to convey accurate information to the operators and do not allow them to quickly and unambiguously identify potentially dangerous situations. In fact, this would require more sophisticated techniques capable of understanding the surrounding environment and conclusively discerning between malicious activities and valid operations.