Better Safe Than Sorry: Risk Management based on a Safety-augmented Network Intrusion Detection System

Abstract

Interconnected Industrial Control System (ICS) networks based on routable protocols are susceptible to remote attacks similar to classical Information Technology (IT) networks. However, addressing ICS security in an isolated view is dangerous since ICSs have to ensure safety measures for people, processes, and the environment. Safety and security of ICSs are often addressed separately, without considering their important interrelation. Safety measures can violate security policies (e.g., an emergency stop function accessible by anyone); likewise, a security incident can violate safety policies (e.g., by increasing reaction time). In this paper we propose a Network-based Intrusion Detection System (NIDS) with the interrelation between safety and security in mind: It detects security incidents while evaluating possible safety-related consequences of both the detected attack and possible countermeasures. We evaluate our approach with a Proof of Concept (PoC). The alerts generated by the PoC prototype serve as the basis for a risk management strategy proposed in this paper. Our approach provides a basis for safety-aware intrusion detection in smart factories and other cyber-physical systems.