TY - JOUR
T1 - Cybersecurity for industrial control systems
T2 - A survey
AU - Bhamare, Deval
AU - Zolanvari, Maede
AU - Erbad, Aiman
AU - Jain, Raj
AU - Khan, Khaled
AU - Meskin, Nader
N1 - Publisher Copyright:
© 2019 Elsevier Ltd
PY - 2020/2
Y1 - 2020/2
N2 - Industrial Control System (ICS) is a general term that includes supervisory control & data acquisition (SCADA) systems, distributed control systems (DCS), and other control system configurations such as programmable logic controllers (PLC). ICSs are often found in the industrial sectors and critical infrastructures, such as nuclear and thermal plants, water treatment facilities, power generation, heavy industries, and distribution systems. Though ICSs were kept isolated from the Internet for so long, significant achievable business benefits are driving a convergence between ICSs and the Internet as well as information technology (IT) environments, such as cloud computing. As a result, ICSs have been exposed to the attack vectors used in the majority of cyber-attacks. However, ICS devices are inherently much less secure against such advanced attack scenarios. A compromise to ICS can lead to enormous physical damage and danger to human lives. In this work, we have a close look at the shift of the ICS from stand-alone systems to cloud-based environments. Then we discuss the major works, from industry and academia towards the development of the secure ICSs, especially applicability of the machine learning techniques for the ICS cyber-security. The work may help to address the challenges of securing industrial processes, particularly while migrating them to the cloud environments.
AB - Industrial Control System (ICS) is a general term that includes supervisory control & data acquisition (SCADA) systems, distributed control systems (DCS), and other control system configurations such as programmable logic controllers (PLC). ICSs are often found in the industrial sectors and critical infrastructures, such as nuclear and thermal plants, water treatment facilities, power generation, heavy industries, and distribution systems. Though ICSs were kept isolated from the Internet for so long, significant achievable business benefits are driving a convergence between ICSs and the Internet as well as information technology (IT) environments, such as cloud computing. As a result, ICSs have been exposed to the attack vectors used in the majority of cyber-attacks. However, ICS devices are inherently much less secure against such advanced attack scenarios. A compromise to ICS can lead to enormous physical damage and danger to human lives. In this work, we have a close look at the shift of the ICS from stand-alone systems to cloud-based environments. Then we discuss the major works, from industry and academia towards the development of the secure ICSs, especially applicability of the machine learning techniques for the ICS cyber-security. The work may help to address the challenges of securing industrial processes, particularly while migrating them to the cloud environments.
KW - Cloud computing
KW - Cybersecurity
KW - Industrial control system
KW - Intrusion detection system
KW - Machine learning
UR - http://www.scopus.com/inward/record.url?scp=85075494185&partnerID=8YFLogxK
U2 - 10.1016/j.cose.2019.101677
DO - 10.1016/j.cose.2019.101677
M3 - Review article
AN - SCOPUS:85075494185
SN - 0167-4048
VL - 89
JO - Computers and Security
JF - Computers and Security
M1 - 101677
ER -