doi: 10.17586/2226-1494-2021-21-1-1-14


ON SAFETY ISSUE OF INDUSTRIAL CONTROL SYSTEMS

I. I. Livshitz


Article in Russian

For citation:
Livshitz I.I. On safety issue of industrial control systems. Scientific and Technical Journal of Information Technologies, Mechanics and Optics, 2021, vol. 21, no. 1, pp. 1–14 (in Russian). doi: 10.17586/2226-1494-2021-21-1-1-14


Abstract
Several methodological approaches to ensuring the safety of industrial control systems at the current level are well known. Over the past few years, two fundamentally opposed approaches have been considered: implementing additional information security countermeasures without changing the basic IT infrastructure, and creating a new concept of total isolation (for example, the Zero Trust Architecture). As noted by centers of competence in Russia (Group-IB, Positive Technology) and worldwide (IBM, MS, Cisco, CheckPoint), these approaches do not lead to stability and security of industrial control systems. Reports of new critical vulnerabilities keep appearing, a significant number of them affecting industrial control systems. The problem of ensuring safety dates from the 20th century and has passed through several stages of maturity; at present, the approach “from functionality” is the most obvious. In general, under this approach the problem is formulated and solved starting from the point where the manufacturer creates a solution based on a specification consisting of functional safety requirements. A safety assessment based on trust requirements is then carried out. Unfortunately, it is typical of the overall process of ensuring the safety of industrial control systems that the industry has not yet developed a holistic culture of consuming secure IT components whose security evidence can be traced to the required level. Only a few suppliers in the world and in Russia are ready to offer components with a proven Safety Integrity Level in accordance with the requirements of the IEC 61508 and/or 61511 series.
The present publication considers the issue of ensuring the safety of industrial control systems in such technical aspects as the required resources, the specified speed, the management quality, the validation methods, the estimation of residual risks and other computable estimates. A brief overview of existing approaches is presented, and some possible solutions to the defined problem are given.

Keywords: safety, functional security, IT-security, standard, audit, risk management, protective actions, conformance evaluation



This work is licensed under a Creative Commons Attribution-NonCommercial 4.0 International License