Sécurité des systèmes industriels : filtrage applicatif et recherche de scénarios d'attaques

Abstract : Industrial systems, also called SCADA (for Supervisory Control And Data Acquisition),are targeted by cyberattacks since Stuxnet in 2010. Due to the criticality of theirinteraction with the real world, these systems can be really harmful for humans andenvironment. As industrial systems have historically been physically isolated from therest of the world, they focused on the protection against outages and human mistakes(also called safety). Cybersecurity differs from safety in the way that an adversary iswilling to harm the system and will learn from his mistakes. One of the difficulty interms of cybersecurity of industrial systems is to make coexist security properties withdomain specific constraints. We tackle this question with three main axes.First, we propose a filter dedicated to industrial communications, allowing to enforceapplicative properties. Then, we focus on formal verification of cryptographic protocolsapplied to industrial protocols such as MODBUS or OPC-UA. Using well-known toolsfrom the domain, we model the protocols in order to check if they provide securityproperties including confidentiality, authentication and integrity. Finally, we propose anapproach named ASPICS (for Applicative Attack Scenarios Production for IndustrialControl Systems) to study if safety properties (similar to those verified by our filter)can actually be jeopardized by attackers depending on their position and capacity. Weimplement this approach in the UPPAAL model-checker and study its results on aproof-of-concept example.
Document type :
Theses
Complete list of metadatas

Cited literature [226 references]  Display  Hide  Download

https://tel.archives-ouvertes.fr/tel-01893142
Contributor : Abes Star <>
Submitted on : Thursday, October 11, 2018 - 10:30:07 AM
Last modification on : Friday, October 12, 2018 - 1:18:53 AM
Long-term archiving on : Saturday, January 12, 2019 - 1:14:40 PM

File

PUYS_2018_archivage.pdf
Version validated by the jury (STAR)

Identifiers

  • HAL Id : tel-01893142, version 1

Collections

Citation

Maxime Puys. Sécurité des systèmes industriels : filtrage applicatif et recherche de scénarios d'attaques. Cryptographie et sécurité [cs.CR]. Université Grenoble Alpes, 2018. Français. ⟨NNT : 2018GREAM009⟩. ⟨tel-01893142⟩

Share

Metrics

Record views

254

Files downloads

240