Advertisement

Emerging and Future Cyber Threats to Critical Systems

  • Edita Djambazova
  • Magnus Almgren
  • Kiril Dimitrov
  • Erland Jonsson
Part of the Lecture Notes in Computer Science book series (LNCS, volume 6555)

Abstract

This paper discusses the emerging and future cyber threats to critical systems identified during the EU/FP7 project ICT-FORWARD. Threats were identified after extensive discussions with both domain experts and IT security professionals from academia, industry, and government organizations. The ultimate goal of the work was to identify the areas in which cyber threats could occur and cause serious and undesirable consequences, based on the characteristics of critical systems. A model of a critical system is suggested and used to distill a list of cyber threats specific to such systems. The impact of the identified threats is illustrated by an example scenario in order to stress the risks and consequences that the materialization of such threats could entail. Finally, we discuss possible solutions and security measures that could be developed and implemented to mitigate the situation.

Keywords

Critical System Security Measure Security Threat Critical Infrastructure Security Solution 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.

References

  1. 1.
    ICT FORWARD Project: Deliverable D3.1: White book: Emerging ICT threats (2010), http://www.ict-forward.eu/media/publications/forward-whitebook.pdf
  2. 2.
    Commission of the European Communities: Green Paper On a European Programme for Critical Infrastructure Protection (2005), http://eur-lex.europa.eu/LexUriServ/site/en/com/2005/com2005_0576en01.pdf
  3. 3.
    Rinaldi, S.M., Peerenboom, J.P., Kelly, T.K.: Identifying, understanding, and analyzing critical infrastructure interdependencies. IEEE Control Systems Magazine, 11–25 (2001)Google Scholar
  4. 4.
    G.T.I.S. Center: Emerging cyber threats report for 2009 (2008), http://www.gtisc.gatech.edu/pdf/CyberThreatsReport2009.pdf
  5. 5.
    NIST SP800-82: Draft guide to industrial control systems (ICS) security (2008), http://csrc.nist.gov/publications/drafts/800-82/draft_sp800-82-fpd.pdf
  6. 6.
    Chan, H., Perrig, A.: Security and privacy in sensor networks. IEEE Computer 36(10), 103–105 (2003)Google Scholar
  7. 7.
    Perrig, A., Stankovic, J., Wagner, D.: Security in wireless sensor networks. ACM Commun. 47(6), 53–57 (2004)CrossRefGoogle Scholar
  8. 8.
    Kagan, H.: Interview about wireless devices adoption in the industry and the future trends. Frost & Sullivan (2008), http://www.teknikogviden.dk
  9. 9.
    Berra, J.: Emerson first to offer WirelessHART automation products (2008), http://www.controlglobal.com/industrynews/2008/082.html
  10. 10.
    Hoske, M.T., McPherson, I.: Industrial wireless implementation guide. Control Engineering (2008), http://www.controleng.com/article/CA6584939.html
  11. 11.
    Masica, K.: Recommended practices guide for securing ZigBee wireless networks in process control system environments, Draft (2007), http://csrp.inl.gov/Documents/Securing%20ZigBee%20Networks%20in%20Process%20Control%20Systems%20Environments.pdf
  12. 12.
    IEEE 802.15.4 Standard, Wireless Medium Access Control (MAC) and Physical Layer (PHY) Specifications for Low Rate Wireless Personal Area Networks (LR-WPANs)Google Scholar
  13. 13.
    Noonan, T., Archuleta, E.: The National Infrastructure Advisory Council’s final report and recommendations on the insider threat to critical infrastructures (2008), http://www.dhs.gov/xlibrary/assets/niac/niac_insider_threat_to_critical_infrastructures_study.pdf
  14. 14.
    Keeney, M.: Insider threat study: Computer system sabotage in critical infrastructure sectors, Executive summary (2005), http://www.secretservice.gov/ntac/its_report_050516.pdf
  15. 15.
    Welander, P.: Securing legacy control systems (2009), http://www.controleng.com/article/307540-Securing_Legacy_Control_Systems.php
  16. 16.
    Wikipedia: Next generation networking, NGN all-IP (2008), http://en.wikipedia.org/wiki/NextGenerationNetworking
  17. 17.
    Fonash, P.M.: Cybersecurity & Communications (CS&C) overview, Technology trends, & challenges (2008), http://events.sifma.org/uploadedFiles/Events/2008/BCP/Fonash%20presentation.pdf
  18. 18.
    Kim, R.-H., Jang, J.-H., Youm, H.-Y.: An efficient IP traceback mechanism for the NGN based on IPv6 Protocol (2008), http://jwis2009.nsysu.edu.tw/location/paper/An%20Efficient%20IP%20Traceback%20mechanism%20for%20the%20NGN%20based%20on%20IPv6%20Protocol.pdf
  19. 19.
  20. 20.
  21. 21.
  22. 22.
    DEAR-COTS project homepage (2001), http://dear-cots.di.fc.ul.pt

Copyright information

© IFIP International Federation for Information Processing 2011

Authors and Affiliations

  • Edita Djambazova
    • 1
  • Magnus Almgren
    • 2
  • Kiril Dimitrov
    • 1
  • Erland Jonsson
    • 2
  1. 1.Institute for Parallel Processing - BASSofiaBulgaria
  2. 2.Chalmers UniversityGöteborgSweden

Personalised recommendations