Eckhart, M. (2025). Managing Cyber-Physical Risk in the Industrial Control Systems Lifecycle [Dissertation, Technische Universität Wien]. reposiTUm. https://doi.org/10.34726/hss.2025.135166
E194 - Institut für Information Systems Engineering
Date (published):
2025
Number of Pages:
332
Keywords:
cyber-physical systems; industrial control systems; information security; cybersecurity; security-enhancing digital twin; AutomationML; security modeling; security risk assessment; IEC 62443; intrusion detection
Abstract:
The safe and reliable operation of industrial processes is vital to today's society and economy. However, industrial control systems (ICSs) are increasingly exposed to threats that exploit their cyber-physical properties to compromise the critical services they provide. The problem is aggravated by the fact that the peculiarities of ICSs constrain the implementation of conventional Information Technology (IT) security solutions, which are commonly employed to protect information systems. Moreover, new technology trends such as Industry 4.0 and the Industrial Internet of Things (IIoT) broaden the attack surface of ICSs and make them more susceptible to cyber-physical attacks. Addressing security issues from the beginning of the system lifecycle can help alleviate this situation. Furthermore, effective management of cyber-physical risk throughout the subsequent lifecycle phases is necessary, as both ICSs and the threat landscape continue to evolve. This dissertation explores the security challenges associated with the engineering and operation of ICSs and presents methods for risk assessment and mitigation to address them. The first part of the thesis presents several concepts and techniques that foster a security-improved engineering approach. Initially, the security aspects of engineering ICSs are analyzed from resource- and process-based perspectives. On the one hand, the analysis focuses on how engineering activities such as software testing need to be protected to mitigate the risks of sabotage and theft of critical assets. On the other hand, a security development lifecycle that incorporates security-by-design principles into the ICS engineering process is introduced. Next, the literature on security risk assessment for ICSs is reviewed, with special emphasis on quantitative approaches. Based on this review, methods that automate the identification of cyber-physical risks from engineering data are proposed, aiming to support risk assessment efforts during system integration.
The second part of the dissertation examines how virtual replicas of ICSs, so-called digital twins, can be employed for security-enhancing purposes. Reviewing existing solution proposals and systematically analyzing the features required to achieve the anticipated security benefits reveals the underlying mechanisms and characteristics of security-enhancing digital twins (SEDTs). Building on the notion of SEDTs, a framework that utilizes engineering artifacts to facilitate the creation of such virtual replicas is presented. The framework is then extended with a state replication approach that functions as a synchronization mechanism between the SEDTs and the actual systems. This set of features lays the foundation for various security applications targeting the ICS operation phase. In particular, it is shown that a behavior-specification-based intrusion detection system (IDS) can be implemented on top of it: the IDS compares the behavior of the SEDTs with that of their physical counterparts and identifies state differences indicative of malicious activity. Overall, the findings of this doctoral thesis not only confirm the critical importance of adopting a holistic security approach but also pave the way for further advances in cyber-physical risk management.
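To make the state-comparison idea concrete, the following is an added Python sketch that is not the dissertation's own code or framework. A hypothetical single-tank process model plays the role of the digital twin: it replays the same valve commands the controller received and predicts the process state, while a detector compares each predicted state with the state reported by the field devices and raises an alert once the two diverge beyond a per-variable tolerance for a configured number of consecutive steps (the persistence threshold suppresses one-off sensor noise). The tank model, the tolerances and both traces, including the spoofed level readings in the attack trace, are constructed for illustration.

```python
"""Behaviour-specification IDS sketch: a digital twin replays the controller's
commands, and a detector flags divergence between predicted and observed state.
Process model, thresholds and traces are hypothetical, constructed for this example."""
from dataclasses import dataclass, field


@dataclass
class TankTwin:
    """Toy twin of a single tank: level changes with the inlet/outlet valve state."""
    level: float = 50.0          # percent full at start
    capacity: float = 100.0
    inflow_rate: float = 5.0     # percent per step while the inlet valve is open
    outflow_rate: float = 3.0    # percent per step while the outlet valve is open

    def step(self, inlet_open: bool, outlet_open: bool) -> dict:
        """Advance one control cycle and return the predicted state vector."""
        self.level += self.inflow_rate if inlet_open else 0.0
        self.level -= self.outflow_rate if outlet_open else 0.0
        self.level = max(0.0, min(self.capacity, self.level))
        return {"level": self.level, "inlet": inlet_open, "outlet": outlet_open}


@dataclass
class StateDiffDetector:
    """Compares twin state with observed state; alerts after `persistence` divergent steps."""
    tolerance: dict              # absolute tolerance per continuous variable
    persistence: int = 2         # consecutive divergent cycles needed before alerting
    _streak: int = 0
    alerts: list = field(default_factory=list)

    def compare(self, t: int, twin_state: dict, observed: dict) -> bool:
        divergent = {}
        for name, expected in twin_state.items():
            actual = observed.get(name)
            if isinstance(expected, bool):
                # discrete signals (valve states) must match exactly
                if actual != expected:
                    divergent[name] = (expected, actual)
            elif actual is None or abs(actual - expected) > self.tolerance.get(name, 0.0):
                divergent[name] = (expected, actual)
        if divergent:
            self._streak += 1
            if self._streak >= self.persistence:
                self.alerts.append({"t": t, "diff": divergent})
                return True
        else:
            self._streak = 0          # transient noise: reset the streak
        return False


def run_detection(commands, observations, tolerance=None, persistence=2):
    """Replay commands through the twin and compare against observations step by step."""
    twin = TankTwin()
    det = StateDiffDetector(tolerance or {"level": 1.5}, persistence)
    for t, (cmd, obs) in enumerate(zip(commands, observations)):
        det.compare(t, twin.step(**cmd), obs)
    return det.alerts


# Constructed command trace as the controller issued it (eight control cycles).
COMMANDS = [
    {"inlet_open": True, "outlet_open": False},   # twin level -> 55
    {"inlet_open": True, "outlet_open": False},   # -> 60
    {"inlet_open": False, "outlet_open": True},   # -> 57
    {"inlet_open": False, "outlet_open": True},   # -> 54
    {"inlet_open": True, "outlet_open": True},    # -> 56
    {"inlet_open": True, "outlet_open": True},    # -> 58
    {"inlet_open": True, "outlet_open": False},   # -> 63
    {"inlet_open": True, "outlet_open": False},   # -> 68
]

# Constructed honest observations: predicted level plus small sensor noise.
HONEST_OBS = [
    {"level": 55.3, "inlet": True, "outlet": False},
    {"level": 59.8, "inlet": True, "outlet": False},
    {"level": 57.1, "inlet": False, "outlet": True},
    {"level": 53.9, "inlet": False, "outlet": True},
    {"level": 56.2, "inlet": True, "outlet": True},
    {"level": 57.7, "inlet": True, "outlet": True},
    {"level": 63.4, "inlet": True, "outlet": False},
    {"level": 67.6, "inlet": True, "outlet": False},
]

# Constructed attack: from cycle 4 the level reading is frozen at 54.2 (replayed sensor
# value) although the inlet stays open, so the real tank keeps filling unnoticed.
SPOOFED_OBS = HONEST_OBS[:4] + [
    {"level": 54.2, "inlet": True, "outlet": True},
    {"level": 54.2, "inlet": True, "outlet": True},
    {"level": 54.2, "inlet": True, "outlet": False},
    {"level": 54.2, "inlet": True, "outlet": False},
]

if __name__ == "__main__":
    print("honest trace alerts:", run_detection(COMMANDS, HONEST_OBS))
    print("spoofed trace alerts:", run_detection(COMMANDS, SPOOFED_OBS))
```

On the honest trace the noise stays inside the 1.5 percent tolerance and no alert fires; on the spoofed trace the first divergent cycle (t=4, 1.8 percent off) only starts the streak, and the alert is raised at t=5 once the deviation persists. In a real deployment the tolerance has to be derived from the sensor and model error budget, and the twin's state must be resynchronized from trusted measurements periodically, otherwise model drift alone will eventually trip the detector.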
Additional information:
Thesis not yet received by the library; data not verified. Alternative title as translated by the author.