Consider the consequences: A powerful approach for reducing ICS cyber risk
Abstract
Securing industrial control systems (ICS) or, for that matter, information technology (IT) systems is a never-ending battle. Cybersecurity subject matter experts secure their systems with the latest technology and threat actors develop new techniques to bypass these controls in a constant arms race of attack and defend, attack and defend. This single-minded focus on responding to the latest threat often causes ICS cybersecurity subject matter experts to forget what they are defending, which is controlling and protecting the process. To be more specific, the cyber protections should prevent a threat actor from issuing malicious control commands and/or ensure that a threat actor does not stop legitimate commands from reaching their objectives. Unauthorised commands and the inability to issue commands have caused several high-profile impacts that resulted in significant damage in physical systems. This paper explores the relationship between cyber and physical systems by introducing a reference model that explains the cascading nature of impacts. While a cyberattack on an ICS originates in the cyber domain, the most serious impacts occur in the physical domain. By understanding this concept, cybersecurity subject matter experts can make more targeted defensive measures in the cyber domain and add protections in the physical domain to significantly reduce ICS cyber risk.
The full article is available to subscribers to the journal.
Author's Biography
Richard Wyman is a senior control systems engineer at Idaho National Laboratory (INL). During the last eight years, he has supported the United States Department of Homeland Security (DHS) Industrial Control Systems Cyber Emergency Response Team (ICS-CERT) assessment and training programmes. As one of the original members of the ICS-CERT assessment team, Richard has evaluated over 100 control systems. Before his INL career, he worked as a project manager and technical lead for a northern California water utility, where he was responsible for the design and installation of a large distributed supervisory control and data acquisition (SCADA) system. In addition to his technical expertise, Richard has given presentations on controls and communications at several professional conferences and presented workshops on industrial communications, instrumentation and control systems in North America and Europe. He graduated with a Bachelor’s Degree from Brigham Young University and a Master’s Degree from the University of Washington in mechanical engineering.