Article: A framework of security and safety checking for internet-based control systems Journal: International Journal of Information and Computer Security (IJICS) 2007 Vol.1 No.1/2 pp.185 - 200 Abstract: Internet-based control is a way of using the internet as a platform for remote monitoring and control operation. The obvious benefit is to enable remote monitoring and maintenance of process plants and to initiate global collaboration and data sharing between operators from geographically dispersed locations. However, connection to an open network and the use of universal technology present high safety and security risks to the new generations of control systems. Are we opening up our internet-enabled control systems for trouble since a number of malicious hackers continually attack web servers on the internet? The new type of control systems will never be accepted by industries if people do not have enough confidence in their safety and do not feel secure by using the system. This paper presents a framework of security and safety checking, used in the design of internet-based control systems. Based on the existing measures of physical and network securities, such as firewall and comprehensive user-authorised access control, the framework proposed in this paper focuses on the security of control commands transferred over the internet, responding actions to malicious attacks and system safety. An internet-based control system for a process rig is used as a case study to illustrate the implementation of the framework. Inderscience Publishers - linking academia, business and industry through research

Title: A framework of security and safety checking for internet-based control systems

Authors: Lili Yang, S.H. Yang

Addresses: Business School, Loughborough University, Loughborough, Leicestershire LE11 3TU, UK. ' Computer Science Department, Loughborough University, Loughborough, Leicestershire LE11 3TU, UK

Abstract: Internet-based control is a way of using the internet as a platform for remote monitoring and control operation. The obvious benefit is to enable remote monitoring and maintenance of process plants and to initiate global collaboration and data sharing between operators from geographically dispersed locations. However, connection to an open network and the use of universal technology present high safety and security risks to the new generations of control systems. Are we opening up our internet-enabled control systems for trouble since a number of malicious hackers continually attack web servers on the internet? The new type of control systems will never be accepted by industries if people do not have enough confidence in their safety and do not feel secure by using the system. This paper presents a framework of security and safety checking, used in the design of internet-based control systems. Based on the existing measures of physical and network securities, such as firewall and comprehensive user-authorised access control, the framework proposed in this paper focuses on the security of control commands transferred over the internet, responding actions to malicious attacks and system safety. An internet-based control system for a process rig is used as a case study to illustrate the implementation of the framework.

Keywords: hybrid data encryption; information security; computer security; internet based control; malicious attacks; safety checking; remote monitoring; remote control; global collaboration; data sharing; control systems; firewall; user authorisation; access control; system safety; process rigs.

DOI: 10.1504/IJICS.2007.012249

International Journal of Information and Computer Security, 2007 Vol.1 No.1/2, pp.185 - 200

Published online: 31 Jan 2007 *

Full-text access for editors Full-text access for subscribers Purchase this article Comment on this article

Title: A framework of security and safety checking for internet-based control systems

Keep up-to-date