Title: Model-based autonomic security management for cyber-physical infrastructures

Authors: Qian Chen; Madhulika Trivedi; Sherif Abdelwahed; Thomas Morris; Frederick Sheldon

Addresses: Department of Engineering: Computer Science Technology, Savannah State University, Savannah, GA 31404, USA ' DefiNet Contact, Nashville, TN 37212, USA ' Electrical and Computer Engineering Department, Mississippi State University, Starkville, MS 39762, USA ' Department of Electrical and Computer Engineering, University of Alabama in Huntsville, Huntsville, AL 35899, USA ' Department of Computer Science, University of Idaho, Moscow, ID 83844, USA

Abstract: Supervisory control and data acquisition (SCADA) systems, widely used in monitoring and controlling critical infrastructure systems, are highly vulnerable to cyber attacks. Current security solutions can protect SCADA systems from known cyber assaults, but most require human intervention. This paper presents a model-based autonomic security management (ASM) approach that monitors SCADA system performance and proactively predicts upcoming cyber attacks that may disrupt physical processes. We also discuss the feasibility of intrusion detection systems for laboratory-scale known and unknown attack detection. The ASM approach provides the most appropriate countermeasure recommendations, which may be deployed (semi-) autonomously based on an adaptive feedback mechanism. We present a gas pipeline case study and carry out function code scanning and malicious parameter injection attacks to validate the self-protection feature. Experimental results show that the ASM approach strengthens the SCADA system security, reduces protection time delays and toward achieving normal operations with little or no human intervention.

Keywords: autonomic computing; self-protection; SCADA security; supervisory control; data acquisition; cyber attacks; model-based security management; cyber-physical infrastructures; cyber-physical systems; CPS; critical infrastructures; intrusion detection systems; IDS; unknown attack detection; adaptive feedback; gas pipelines.

DOI: 10.1504/IJCIS.2016.081297

International Journal of Critical Infrastructures, 2016 Vol.12 No.4, pp.273 - 294

Received: 11 May 2015
Accepted: 19 Jan 2016

Published online: 29 Dec 2016 *

Full-text access for editors Access for subscribers Purchase this article Comment on this article