Segmentation and segregation mechanisms and models to secure the integration of Industrial control Systems (ICS) with corporate system

Khaoula Es-Salhi 1, 2
1 Lab-STICC_IMTA_CID_IRIS
Lab-STICC - Laboratoire des sciences et techniques de l'information, de la communication et de la connaissance
Abstract : Securing ICS systems, and especially integrated ones, is becoming one of the most urgent issues that disquiets not only all industrial actors but also governments. Very important number of industrial entities and infrastructures are so critical that any non contained cyber attack on these entities can cause huge damage to business, to environment and more gravely to national security and people safety.This thesis studies the integration of ICS with Corporate systems from a security standpoint. Our goal is to study integrated ICS systems security vulnerabilities and suggest models and mechanisms to improve their security and protect them against ceyberattacks. After conducting a study on the vulnerabilities of integrated ICS systems (IICS) and the existing security solutions, we focused on the study of defence in depth technique and its applicability to integrated ICS systems. We defined a new generic segmentation method for IICS, SONICS, which simplifies the segmentation of IICS by focusing only on spects that are really significant for segmentation. We next developed an improved version of SONICS, RIICS (Risk based IICS Segmentation), a segmentation method for IICS systems that fills the SONICS gaps by focusing on risk on top of technical and industrial specifications. To complement the segmentation method, we studied segregation and access control solutions. We proposed a new DTE-based l (Domain Type Enforcement) flow control model for integrated ICS systems.
Complete list of metadatas

Cited literature [172 references]  Display  Hide  Download

https://tel.archives-ouvertes.fr/tel-02298847
Contributor : Abes Star <>
Submitted on : Friday, September 27, 2019 - 11:35:07 AM
Last modification on : Thursday, October 17, 2019 - 12:36:56 PM

File

2019IMTA0143_EsSalhi-Khaoula_D...
Version validated by the jury (STAR)

Identifiers

  • HAL Id : tel-02298847, version 1

Citation

Khaoula Es-Salhi. Segmentation and segregation mechanisms and models to secure the integration of Industrial control Systems (ICS) with corporate system. Systems and Control [cs.SY]. Ecole nationale supérieure Mines-Télécom Atlantique, 2019. English. ⟨NNT : 2019IMTA0143⟩. ⟨tel-02298847⟩

Share

Metrics

Record views

101

Files downloads

111