Off-the-Shelf Solutions as Potential Cyber Threats to Industrial Environments and Simple-To-Implement Protection Methodology


Bibliographic Details
Main Authors: Marko Slunjski, Damir Sumina, Stjepan Gros, Igor Erceg
Format: Article
Language: English
Published: IEEE 2022-01-01
Series: IEEE Access
Online Access: https://ieeexplore.ieee.org/document/9931720/
Description
Summary: The paper investigates cyber threats and potential solutions for protecting industrial control systems (ICS). On the cyber threats side, different off-the-shelf offensive solutions, both hardware and software, are analysed and tested. The goal of the paper is to increase cyber threat awareness by showing how such off-the-shelf solutions, well known to IT security experts, can be utilised as (or inspire) attack vectors to gain access to generally unprotected industrial plants. After obtaining an access point, Man-in-the-Middle (MITM) and Legal-Client-to-Server (LCSA) types of attacks from reconnaissance, client-to-server and server-to-client categories are demonstrated. For this purpose, a Modbus communication protocol implemented in a real compressor station is used as a basis. Regarding potential protection solutions, the paper proposes a simple-to-implement and cheap hardening methodology applicable inside almost any industrial plant. A novel, PLC-based ICS cyber security protection method, made of a signal validity monitoring mechanism and a control system integrity check mechanism, is also discussed and demonstrated. Both penetration testing and hardening methodology are verified experimentally, using real PLC and HMI devices.
ISSN: 2169-3536