Abstract
Industrial systems have publicly been the target of cyberattacks since Stuxnet. Nowadays they increasingly communicate over insecure media such as the Internet. Because they interact with the real world, ensuring their security is crucial. In this paper, we propose a domain-specific stateful filtering approach that keeps track of the values of predetermined variables. Such a filter makes it possible to express rules that depend on the context of the system. Moreover, it must guarantee bounded memory and execution time to be resilient against malicious adversaries. Our approach is illustrated on an example.
This work has been partially supported by the LabEx PERSYVAL-Lab (ANR-11-LABX-0025) and the project PIA ARAMIS (P3342-146798).
Copyright information
© 2017 Springer International Publishing AG
About this paper
Cite this paper
Puys, M., Roch, JL., Potet, ML. (2017). Domain Specific Stateful Filtering with Worst-Case Bandwidth. In: Havarneanu, G., Setola, R., Nassopoulos, H., Wolthusen, S. (eds) Critical Information Infrastructures Security. CRITIS 2016. Lecture Notes in Computer Science, vol 10242. Springer, Cham. https://doi.org/10.1007/978-3-319-71368-7_28
DOI: https://doi.org/10.1007/978-3-319-71368-7_28
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-71367-0
Online ISBN: 978-3-319-71368-7
eBook Packages: Computer Science, Computer Science (R0)