Abstract
Large industries usually involve geographically dispersed supply chains composed of facilities located in diverse regions. These facilities commonly involve operational technology (OT), i.e., industrial control systems (ICS), and information technology (IT) infrastructures, which require integration to enable information processing. Such integration, achieved through cyber-physical systems and leveraged by the emergence of Industry 4.0, may transform the industry and facilitate the conversion of vast data volumes into valuable information. Security risks posed by dispersed cyber-physical systems may be substantial, and dealing with cybersecurity issues in such a context could be very expensive. This study reviews directives regarding cybersecurity risks in companies with dispersed supply chains, as well as applicable international cybersecurity standards and regulations, to derive a strategy to manage cybersecurity in integrated industrial networks. The strategy proposes centralized services, optimized perimeter segregation, and data flow policies between OT and IT networks to balance the trade-off between a high level of protection and cost-effectiveness.
Copyright information
© 2021 The Author(s), under exclusive license to Springer Nature Switzerland AG
About this chapter
Cite this chapter
de Moura, R.L., Gonzalez, A., Franqueira, V.N.L., Neto, A.L.M., Pessin, G. (2021). Geographically Dispersed Supply Chains: A Strategy to Manage Cybersecurity in Industrial Networks Integration. In: Daimi, K., Peoples, C. (eds) Advances in Cybersecurity Management. Springer, Cham. https://doi.org/10.1007/978-3-030-71381-2_6
DOI: https://doi.org/10.1007/978-3-030-71381-2_6
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-71380-5
Online ISBN: 978-3-030-71381-2
eBook Packages: Computer Science, Computer Science (R0)