?. K. Es-salhi, N. Cuppens-boulahia, and D. Espes, Analysis of ICS and Corporate system Integration vulnerabilities, the 14th International Conference on Embedded Systems, Cyber-physical Systems, and Applications, 2016.
URL : https://hal.archives-ouvertes.fr/hal-01411587

?. K. Es-salhi, D. Espes, and N. Cuppens-boulahia, A new Segmentation Method for Integrated ICS Systems, the fifteenth International Conference on Privacy, Security and Trust, 2017.

?. K. Es-salhi, D. Espes, and N. Cuppens-boulahia, RIICS: Risk based IICS segmentation Method, the 13th International Conference on Risks and Security of Internet and Systems, 2018.

?. K. Es-salhi, D. Espes, and N. Cuppens-boulahia, SONICS: a segmentation method for integrated ICS and Corporate System, the 14th International Conference on Information Systems Security, ICISS 2018, 1920.

I. Bengaluru,

?. K. Es-salhi, D. Espes, and N. Cuppens-boulahia, DTE Access Control Model for Integrated ICS Systems, the 2nd International Workshop on Security Engineering for Cloud Computing, IWSECC 2019, 2019.

, Examples of IICS data flows

. Bayuk, Growth of networked devices [Evans 2011] and cyber-attack visibility and maliciousness trends, p.21, 2011.

, General security guides segmentation

, Functional Hierarchical model

.. .. Iics-meta-model,

, Inter-zone connection's security zone

, SONICS Tool -Functional potential zones

, SONICS Tool -Constraints levels

.. .. Test-methodology,

. The and . .. System,

, The Segmented IIC test system

.. .. Ebios-steps,

.. .. Ebios-meta-model,

, Application example (1/4) -IICS System to segment, p.81

, Application example (2/4) -Geo-location Segmentation, p.82

, Application example (3/4) -Technical Segmentation, p.83

, Application example (4/4) -Risk based Segmentation, p.83

A. ;. , Etapes de la méthode de segmentation SONICS, p.125

. Méta-modèle and . .. Sonics,

A. , Outil de segmentation -capture 1

, Outil de segmentation -capture 2, A.5

A. ;. , 7 Les étapes de la méthode de segmentation RIICS, p.131

.. .. Functional-levels,

.. .. Technical-types,

. .. The-gravity-scale,

. .. The-likelihood-scale,

. Generic and . .. Services,

, Enterprise -control system integration part 1: Models and terminology. ISA-dS95 Standard, vol.48, p.105, 1999.

, Enterprise -control system integration. part 2: Object model attributes, vol.34, p.48, 1932.

, Activity models of manufacturing operations management, vol.3, p.139, 2004.

, Architecture for secure scada and distributed control system networks, 2010.

, Security for industrial automation and control systems : Security technologies for industrial automation and control systems, Draft1, Edit1), 2012.

, Security for industrial automation and control systems: Terminology, concepts, and models, vol.87, p.139, 2013.

, Global mag security. Global Security Mag, 2007.

, The innominate security technologies mguard website, It vs ot in manufacturing: How will convergence play out? 2014. 48 [Tof, vol.36, p.48, 1932.

. Albright, Did Stuxnet take out 1,000 centrifuges at the Natanz enrichment plant? Institute for Science and International Security, p.24, 2010.

M. Andress and . Leary, Chapter 6 -protect the data, Building a Practical Information Security Program, p.98, 2017.

, Classification method and key measures, ANSSI, vol.34, p.87, 2013.

Y. Ashibani and Q. H. Mahmoud, Cyber physical systems security: Analysis, challenges and solutions, Computers Security, vol.68, p.31, 2017.

[. Badger, Practical domain and type enforcement for unix, Security and Privacy, p.88, 1995.

[. Badger, A domain and type enforcement unix prototype, Computing Systems, vol.9, issue.1, p.100, 1996.

M. Badra and S. Zeadally, Design and performance analysis of a virtual ring architecture for smart grid privacy, IEEE Transactions on Information Forensics and Security, vol.9, issue.2, p.31, 2014.

. Bayuk, Malware risks and mitigation report, BITS Financial Services Roundtable, vol.21, p.139, 2011.

S. A. Boyer, Scada: Supervisory Control And Data Acquisition. International Society of Automation, vol.7, p.13, 2009.

R. Bradetich and P. Oman, Connecting scada systems to corporate it networks using security-enhanced linux, Proceedings of 34th Annual Western Protective Relay Conference, vol.88, p.90, 2007.

R. Bradetich and P. Oman, Implementing scada security policies via security-enhanced linux, proceedings of the 10th Annual Western Power Delivery Automation Conference, vol.88, p.90, 2008.

[. Cai, Scada system security: Complexity, history and new developments, 6th IEEE International Conference on Industrial Informatics, pp.569-574, 2008.

R. Campbell and J. Rrushi, Detecting cyber attacks on nuclear power plants, Advances in Information and Communication Technology (AICT), vol.290, p.42, 2011.

. Cereia, Latency evaluation of a firewall for industrial networks based on the tofino industrial security solution, Proceedings of the 2014 IEEE Emerging Technology and Factory Automation, vol.36, p.88, 2014.

. Cereia, Latency evaluation of a firewall for industrial networks based on the tofino industrial security solution, Emerging Technology and Factory Automation (ETFA), p.88, 2014.

M. Cheminod, L. Durante, and A. Valenzano, Review of security issues in industrial networks, IEEE Transactions on Industrial Informatics, vol.9, issue.1, pp.277-293, 2013.

. Cheminod, , 2016.

. Zunino, Performance impact of commercial industrial firewalls on networked control systems, 2016 IEEE 21st International Conference on Emerging Technologies and Factory Automation (ETFA), vol.39, p.87, 1930.

. Cherdantseva, A review of cyber security risk assessment methods for scada systems, Computers & security, vol.56, p.26, 1920.

S. Cherry and L. Constantine, Sons of stuxnet, IEEE spectrum, vol.14, p.24, 2011.

. Cruz, , 2015.

L. Panzieri, P. Lev, and . Simões, Improving network security monitoring for in-BIBLIOGRAPHY dustrial control systems, IFIP/IEEE International Symposium on Integrated Network Management (IM), vol.19, p.20, 2015.

D. C. , Recommended proctice: Improving industrial control systems cybersecurity with defense-in-depth strategies. US-CERT Defense In Depth, vol.45, p.48, 2009.

D. and A. , High-speed intrusion detection in support of critical infrastructure protection, Critical Information Infrastructures Security, p.42, 2006.

S. G. De-la and . Défense-nationale, Ebios-expression des besoins et identification des objectifs de sécurité, méthode de gestion des risques, vol.50, p.74, 2010.

Z. Desmit, A. E. Elhabashy, L. J. Wells, and J. A. Camelio, An approach to cyber-physical vulnerability assessment for intelligent manufacturing systems, Journal of Manufacturing Systems, vol.43, p.23, 2017.

Z. Desmit, A. E. Elhabashy, L. J. Wells, and J. A. Camelio, An approach to cyber-physical vulnerability assessment for intelligent manufacturing systems, Journal of Manufacturing Systems, vol.43, p.25, 2017.

R. C. Diovu and J. T. Agee, A cloud-based openflow firewall for mitigation against ddos attacks in smart grid ami networks, IEEE PES, vol.30, p.41, 2017.

R. C. Diovu and J. T. Agee, Quantitative analysis of firewall security under ddos attacks in smart grid ami networks, 2017 IEEE 3rd International Conference on Electro-Technology for National Development, vol.30, p.41, 2017.

. Drias, Analysis of cyber security for industrial control systems, 2015 International Conference on Cyber Security of Smart Cities, Industrial Control System and Communications (SSIC), vol.20, p.25, 2015.

. Düssel, Cyber-critical infrastructure protection using real-time BIBLIOGRAPHY 155, 2010.

, Critical Information Infrastructures Security, p.42, 2010.

[. Etigowni, Cpac: securing critical infrastructure with cyber-physical access control, Proceedings of the 32nd Annual Conference on Computer Security Applications, p.26, 2016.

D. Evans, The internet of things: How the next evolution of the internet is changing everything, vol.1, p.139, 2011.

[. Ferraiolo, Role-based access control (rbac): Features and motivations, Proceedings of 11th annual computer security application conference, p.89, 1995.

, FireEye 2015] FireEye. M-trends 2015: a view from the front line. Mandiant, 2015.

, Force and T. Initiative. Security and privacy controls for federal information systems and organizations, NIST Special Publication, vol.800, issue.53, p.87, 2013.

[. Fovino, Modbus/dnp3 state-based intrusion detection system, 24th IEEE International Conference on Advanced Information Networking and Applications, AINA 2010, vol.20, p.39, 2010.

B. Galloway and G. P. Hancke, Introduction to industrial control networks, IEEE Communications Surveys and Tutorials, vol.15, issue.2, p.40, 2013.

[. Giani, Smart grid data integrity attacks, IEEE Transactions on Smart Grid, vol.4, issue.3, p.31, 2013.

G. Gilchrist, Secure authentication for dnp3, IEEE Power and Energy Society General Meeting -Conversion and Delivery of Electrical Energy in the 21st Century, p.41, 2008.

[. Guan, A digraph model for risk identification and mangement in scada systems, Proceedings of 2011 IEEE BIBLIOGRAPHY International Conference on Intelligence and Security Informatics, vol.24, pp.150-155, 2011.

[. H. Eslava, ;. A. Pineda, D. Eslava, and . Pineda, An algorithm for optimal firewall placement. iec61850 substations, Journal of Power and Energy Engineering, p.41, 2015.

. Hachana, Towards a new generation of industrial firewalls: Operational-process aware filtering, 14th Annual Conference on Privacy, Security and Trust (PST), p.41, 2016.
URL : https://hal.archives-ouvertes.fr/hal-01660553

S. E. Hallyn and P. Kearns, Domain and type enforcement for linux, Annual Linux Showcase & Conference, p.89, 2000.

S. E. Hallyn and P. Kearns, Domain and type enforcement for linux, Annual Linux Showcase & Conference, p.100, 2000.

G. Hayes and K. El-khatib, Securing modbus transactions using hash-based message authentication codes and stream transmission control protocol, 2013 Third International Conference on Communications and Information Technology (ICCIT), p.40, 2013.

M. Henrie, Cyber security risk management in the scada critical infrastructure environment, Engineering Management Journal, vol.25, issue.2, p.24, 2013.

A. Hildick-smith, Security for critical infrastructure scada systems, SANS Reading Room, GSEC Practical Assignment, Version, vol.1, pp.498-506, 1921.

B. Hu and H. Gharavi, Smart grid mesh network security using dynamic key distribution with merkle tree 4-way handshaking, IEEE Transactions on Smart Grid, vol.5, issue.2, p.31, 2014.

. Huang, , 2009.

S. Tsai and . Sastry, Understanding the physical and economic consequences of attacks on control systems, International Journal of Critical Infrastructure Protection, vol.2, issue.3, p.7, 2009.

. Huda, Securing the operations in scada-iot platform based industrial control system using ensemble of deep belief networks, Applied Soft Computing, vol.71, issue.26, p.31, 2018.

. Huitsing, Attack taxonomies for the modbus protocols, IJCIP, vol.1, p.39, 2008.

, CERT 2015] ICS-CERT. Ics-cert monitor newsletters november-december, p.24, 2015.

V. M. Igure, S. A. Laughter, R. D. Williams, and ;. , Erik HJELMVIKJens-Tobias ZERBST. Zoning principles in electricity distribution and energy production environments, 20th International Conference on Electricity Distribution, vol.25, p.48, 2006.

R. Johari and P. Sharma, A survey on web application vulnerabilities (sqlia, xss) exploitation and security engine for sql injection, 2012 International Conference on Communication Systems and Network Technologies, p.20, 2012.

V. P. Suzanne-lightmankeith-stouffer and A. Hahn, Guide to industrial control systems (ics) security, NIST special publication, vol.800, issue.82, p.49, 2015.

[. Khaoula, A new segmentation method for integrated ics, 15th International Conference International Conference on Privacy, Security and Trust, vol.3, p.47, 2017.

[. Khaoula, Risk based iics segmentation method, 13th International Conference on Risks and Security of Internet and Systems, 2018.

[. Khaoula, Sonics: a segmentation method for integrated ics and corporate system, 14th International Conference on Information Systems Security, (ICISS'2018), 2018.

[. Khaoula, Analysis of ics and corporate system integration vulnerabilities. 14th International Conference on Embedded Systems, Cyber-physical Systems, and Applications (ESCS'2016), 2016.

A. H. Khosroshahi and H. Shahinzadeh, Security technology by using firewall for smart grid, Bulletin of Electrical Engineering and Informatics, p.41, 2016.

H. Kim, Security and vulnerability of scada systems over ip-based wireless sensor networks, International Journal of Distributed Sensor Networks, 2012.

J. Kletti, Sel-3021-1 serial encrypting transceiver. Pullman, p.40, 2007.

S. E. Laboratories, Sel-3620 ethernet security gateway, p.40

. Larkin, Evaluation of security solutions in the scada environment, ACM SIGMIS Database: the DATABASE for Advances in Information Systems, vol.45, p.42, 2014.

. Larkin, Evaluation of security solutions in the scada environment, ACM SIGMIS Database, vol.45, issue.1, p.33, 2014.

H. Leith and J. W. Piper, Identification and application of security measures for petrochemical industrial control systems, Journal of Loss Prevention in the Process Industries, vol.26, p.23, 1920.

E. P. Leverett, Quantitatively assessing and visualising industrial system attack surfaces, vol.21, p.33, 2011.

[. Li, Scadawall: A cpi-enabled firewall model for scada security, Computers Security, vol.80, p.88, 2018.

S. Li and L. Xu, Securing the internet of things, p.31, 2017.

C. Lin, S. Wu, and M. Lee, Cyber attack and defense on industry control systems, 2017 IEEE Conference on Dependable and Secure Computing, p.42, 2017.

. Liu, Analyzing the cyber-physical impact of cyber events on the power grid, IEEE Transactions on Smart Grid, vol.6, issue.5, p.31, 2015.

. Liu, Denial-of-service (dos) attacks on load frequency control in smart grids, 2013 IEEE PES Innovative Smart Grid Technologies Conference (ISGT), p.31, 2013.

[. Lu, D. Xu, ;. Y. Lu, and L. Xu, Internet of things (iot) cybersecurity research: A review of current research topics, IEEE Internet of Things Journal, p.31, 2019.

[. Mahan, Secure data transfer guidance for industrial control and scada systems, p.32, 2011.

. Majdalawieh, Dnpsec: Distributed network protocol version 3 (dnp3) security framework, Advances in Computer, Information, and Systems Sciences, and Engineering, p.41, 2006.

B. Miller and D. C. Rowe, A survey scada of and critical infrastructure incidents, vol.12, p.28, 2012.

J. Nagarajan, C. D. Nagarajan, and . Jensen, A generic role based access control model for wind power systems, Journal of Wireless Mobile Networks, Ubiquitous Computing, and Dependable Applications -JoWUA, p.40, 2010.

, (NDIA). Cybersecurity for advanced manufacturing, 2014.

. Nicholson, , 2012.

. Janicke, Scada security in the light of cyber-warfare, Computers & Security, vol.31, issue.4, p.28, 2012.

J. Nivethan and M. Papa, A linux-based firewall for the dnp3 protocol, 2016 IEEE Symposium on Technologies for Homeland Security (HST), p.41, 2016.

D. Niyato and P. Wang, Cooperative transmission for meter data collection in smart grid, p.12, 2012.

L. Obregon, Secure architecture for industrial control systems, SANS Institute, InfoSec Reading Room, vol.35, p.53, 2015.

. Of-energy, Energy, I. Security, and Energy. 21 steps to improve cyber security of scada networks, p.27, 2007.

, C. A. France. Detailed measures. ANSSI, vol.32, p.48, 2013.

. Oostendorp, Domain and type enforcement firewalls, DARPA Information Survivability Conference and Exposition, 2000. DISCEX'00. Proceedings, vol.1, p.90, 2000.

S. Park and K. Lee, Advanced approach to information security management system model for industrial control system, The Scientific World Journal, p.26, 2014.

. Parra, Implementation of deep packet inspection in smart grids and industrial internet of things: Challenges and opportunities, vol.30, p.87, 2019.

. Patel, Supervisory control and data acquisition remote terminal unit testbed. Intelligent Systems Research Laboratory technical report, vol.24, p.26, 2005.

P. S. Pires and L. A. Oliveira, Security aspects of scada and corporate network interconnection: An overview, IEEE International Conference on Dependability aof computer Systems, vol.35, p.36, 2006.

J. Pollet, Innovative defense strategies for securing scada and control systems, PlantData Technologies, vol.34, p.35, 2006.

K. Poulsen, Ex-employee fingered in texas power company hack, 1921.

S. N. Premnath and Z. J. Haas, Security and privacy in the internet-of-things under time-and-budget-limited adversary model, IEEE Wireless Communications Letters, vol.4, issue.3, p.31, 2015.

. Ralston, Cyber security risk assessment for scada and dcs networks, ISA transactions, vol.46, issue.4, p.34, 2007.

D. Rosic, U. Novak, and S. Vukmirovic, Role-based access control model supporting regional division in smart grid system, 2013 Fifth International Conference on Computational Intelligence, Communication Systems and Networks, p.40, 2013.

C. Rosinger and M. Uslar, Smart grid security: Iec 62351 and other relevant standards, Standardization in Smart Grids, p.15, 2013.

J. Rrushi and R. Campbell, Detecting cyber attacks on nuclear power plants, Critical Infrastructure Protection II, p.42, 2008.

S. M. Sacramento, Man pleads guilty to attempting to shut down california's power grid, United States Attorney: Eastern District of California, p.21, 2007.

K. Salah, K. Elbadawi, and R. Boutaba, Performance modeling and analysis of network firewalls, IEEE Transactions on Network and Service Management, p.41, 2012.

[. Sani, Cyber security framework for internet of things-based energy internet, Future Generation Computer Systems, vol.93, p.32, 2019.

. Saqib, Cyber security for cyber physcial systems: A trust-based approach, J Theor Appl Inf Technol, vol.71, issue.2, p.32, 2015.

. Saxena, Authentication and authorization scheme for various user roles and devices in smart grid, IEEE Transactions on Information Forensics and Security, vol.11, issue.5, p.31, 2016.

A. Shahzad, M. Lee, Y. K. Lee, S. Kim, N. Xiong et al., Real time modbus transmissions and cryptography security designs and enhancements of protocol sensitive information, vol.30, p.40, 2015.

[. Sicard, From ics attacks' analysis to the safe approach: Implementation of filters based on behavioral models and critical state distance for ics cybersecurity, 2nd Cyber Security In Networking Conference, p.25, 2018.
URL : https://hal.archives-ouvertes.fr/hal-01905511

[. Stouffer, Guide to industrial control systems (ics) security. NIST special publication, vol.800, p.28, 2011.

. Sturm, , 2014.

. Parker, Cyber-physical vunerabilities in additive manufacturing systems, Context, vol.7, issue.8, 2014.

. Ten, Cybersecurity for critical infrastructures: attack and defense modeling, IEEE Transactions on Systems, Man, and Cybernetics-Part A: Systems and Humans, vol.40, issue.4, pp.853-865, 2010.

J. W. , Ken GeislerThierry Godart. How the distribution management system (dms) is becoming a core function of the smart grid, p.12, 2012.

M. Tiegelkamp and K. John, IEC 61131-3: Programming industrial automation systems, p.14, 1995.

[. Trappe, Low-energy security: Limits and opportunities in the internet of things, IEEE Security Privacy, vol.13, issue.1, p.31, 2015.

N. Tuptuk and S. Hailes, The cyberattack on ukraine's power grid is a warning of what's to come. The Conversation, p.24, 2016.

L. Vegh and L. Miclea, Enhancing security in cyberphysical systems through cryptographic and steganographic techniques, 2014 IEEE International Conference on Automation, Quality and Testing, Robotics, vol.30, p.32, 2014.

J. Verba and M. Milvich, Idaho national laboratory supervisory control and data acquisition intrusion detection system (scada ids), 2008 IEEE Conference on Technologies for Homeland Security, p.42, 2008.

. Vincent, Trojan detection and side-channel analyses for cyber-security in cyber-physical manufacturing systems, Procedia Manufacturing, vol.1, p.25, 2015.

M. W. , Q. Qiaow, P. Shang, and . Zeng, Design and implementation of industrial firewall for modbus/tcp, JcP, p.41, 2016.

. Wang, Drbac based access control method in substation automation system, 2008 IEEE International Conference on Industrial Technology, p.40, 2008.

. Wang, Security issues and challenges for cyber physical system, 2010.

, IEEE/ACM Int'l Conference on Green Computing and Communications & Int'l Conference on Cyber, Physical and Social Computing, p.32, 2010.

. Watin-augouard, Prospective analysis on trends in cybercrime from 2011 to 2020. National Gendarmerie, vol.21, p.139, 2011.

[. Wei, Application layer security proxy for smart grid substation automation systems, 2013 IEEE PES Innovative Smart Grid Technologies Conference (ISGT), p.40, 2013.

[. Wei, Protecting smart grid automation systems against cyberattacks, IEEE Transactions on Smart Grid, p.40, 2011.

[. Wells, Cyber-physical security challenges in manufacturing systems, Manufacturing Letters, vol.2, issue.2, p.23, 2014.

Y. Xie and D. Wang, An item-level access control framework for inter-system security in the internet of things, Applied mechanics and materials, vol.548, pp.1430-1432, 2014.

Y. , Q-learning-based vulnerability analysis of smart grid against sequential topology attacks, IEEE Transactions on Information Forensics and Security, vol.12, issue.1, p.31, 2017.

X. Yang, P. Zhao, X. Zhang, J. Lin, and W. Yu, Toward a gaussian-mixture model-based detection scheme against data integrity attacks in the smart grid, IEEE Internet of Things Journal, vol.4, issue.1, p.31, 2017.

. Bibliography-[yun, Statistical similarity of critical infrastructure network traffic based on nearest neighbor distances, Research in Attacks, Intrusions, and Defenses, p.42, 2018.

. Zvabva, Evaluation of industrial firewall performance issues in automation and control networks, 29th Biennial Symposium on Communications (BSC), vol.30, p.87, 2018.