Testing Commercial Intrusion Detection Systems for Industrial Control Systems in a Substation Hardware in the Loop Testlab
Industrial Control Systems (ICS) are increasingly integrated with Information Technology (IT) systems, blending Operational Technology (OT) and IT components. This evolution introduces new cyber-attack risks, necessitating specialized security measures like Intrusion Detection Systems (IDS). This pa...
Main Authors: | , , , , |
---|---|
Format: | Article |
Language: | English |
Published: |
MDPI AG
2023-12-01
|
Series: | Electronics |
Subjects: | |
Online Access: | https://www.mdpi.com/2079-9292/13/1/60 |
_version_ | 1797358963384123392 |
---|---|
author | Jon-Martin Storm Siv Hilde Houmb Pallavi Kaliyar Laszlo Erdodi Janne Merete Hagen |
author_facet | Jon-Martin Storm Siv Hilde Houmb Pallavi Kaliyar Laszlo Erdodi Janne Merete Hagen |
author_sort | Jon-Martin Storm |
collection | DOAJ |
description | Industrial Control Systems (ICS) are increasingly integrated with Information Technology (IT) systems, blending Operational Technology (OT) and IT components. This evolution introduces new cyber-attack risks, necessitating specialized security measures like Intrusion Detection Systems (IDS). This paper presents our work on both developing an experimental protocol and conducting tests of various IDS types in a digital substation hardware in the loop (HIL) testbed, offering insights into their performance in realistic scenarios. Our findings reveal significant variations in IDS effectiveness against industrial-specific cyber-attacks, with IT-specific IDSs struggling to detect certain attacks and changing testlab conditions affecting the assessment of ICS-specific IDSs. The challenges faced in creating valid and reliable evaluation metrics underscore the complexities of replicating operational ICS conditions. This research enhances our understanding of IDS effectiveness in ICS settings and underscores the importance of further experimental research in HIL testlab environments. |
first_indexed | 2024-03-08T15:09:45Z |
format | Article |
id | doaj.art-c92570514f764dc5a05d17235c325273 |
institution | Directory Open Access Journal |
issn | 2079-9292 |
language | English |
last_indexed | 2024-03-08T15:09:45Z |
publishDate | 2023-12-01 |
publisher | MDPI AG |
record_format | Article |
series | Electronics |
spelling | doaj.art-c92570514f764dc5a05d17235c3252732024-01-10T14:54:16ZengMDPI AGElectronics2079-92922023-12-011316010.3390/electronics13010060Testing Commercial Intrusion Detection Systems for Industrial Control Systems in a Substation Hardware in the Loop TestlabJon-Martin Storm0Siv Hilde Houmb1Pallavi Kaliyar2Laszlo Erdodi3Janne Merete Hagen4Department of Informatics, University of Oslo, 0373 Oslo, NorwayDepartment of Information Security and Communication Technology, Norwegian University of Science and Technology, 2815 Gjøvik, NorwayDepartment of Information Security and Communication Technology, Norwegian University of Science and Technology, 2815 Gjøvik, NorwayDepartment of Information Security and Communication Technology, Norwegian University of Science and Technology, 2815 Gjøvik, NorwayDepartment of Informatics, University of Oslo, 0373 Oslo, NorwayIndustrial Control Systems (ICS) are increasingly integrated with Information Technology (IT) systems, blending Operational Technology (OT) and IT components. This evolution introduces new cyber-attack risks, necessitating specialized security measures like Intrusion Detection Systems (IDS). This paper presents our work on both developing an experimental protocol and conducting tests of various IDS types in a digital substation hardware in the loop (HIL) testbed, offering insights into their performance in realistic scenarios. Our findings reveal significant variations in IDS effectiveness against industrial-specific cyber-attacks, with IT-specific IDSs struggling to detect certain attacks and changing testlab conditions affecting the assessment of ICS-specific IDSs. The challenges faced in creating valid and reliable evaluation metrics underscore the complexities of replicating operational ICS conditions. This research enhances our understanding of IDS effectiveness in ICS settings and underscores the importance of further experimental research in HIL testlab environments.https://www.mdpi.com/2079-9292/13/1/60smart gridcyber securityindustrial control systemintrusion detection systemSCADAdigital substation |
spellingShingle | Jon-Martin Storm Siv Hilde Houmb Pallavi Kaliyar Laszlo Erdodi Janne Merete Hagen Testing Commercial Intrusion Detection Systems for Industrial Control Systems in a Substation Hardware in the Loop Testlab Electronics smart grid cyber security industrial control system intrusion detection system SCADA digital substation |
title | Testing Commercial Intrusion Detection Systems for Industrial Control Systems in a Substation Hardware in the Loop Testlab |
title_full | Testing Commercial Intrusion Detection Systems for Industrial Control Systems in a Substation Hardware in the Loop Testlab |
title_fullStr | Testing Commercial Intrusion Detection Systems for Industrial Control Systems in a Substation Hardware in the Loop Testlab |
title_full_unstemmed | Testing Commercial Intrusion Detection Systems for Industrial Control Systems in a Substation Hardware in the Loop Testlab |
title_short | Testing Commercial Intrusion Detection Systems for Industrial Control Systems in a Substation Hardware in the Loop Testlab |
title_sort | testing commercial intrusion detection systems for industrial control systems in a substation hardware in the loop testlab |
topic | smart grid cyber security industrial control system intrusion detection system SCADA digital substation |
url | https://www.mdpi.com/2079-9292/13/1/60 |
work_keys_str_mv | AT jonmartinstorm testingcommercialintrusiondetectionsystemsforindustrialcontrolsystemsinasubstationhardwareinthelooptestlab AT sivhildehoumb testingcommercialintrusiondetectionsystemsforindustrialcontrolsystemsinasubstationhardwareinthelooptestlab AT pallavikaliyar testingcommercialintrusiondetectionsystemsforindustrialcontrolsystemsinasubstationhardwareinthelooptestlab AT laszloerdodi testingcommercialintrusiondetectionsystemsforindustrialcontrolsystemsinasubstationhardwareinthelooptestlab AT jannemeretehagen testingcommercialintrusiondetectionsystemsforindustrialcontrolsystemsinasubstationhardwareinthelooptestlab |