Abstract
Various ICT features are being embedded in an industrial control system (ICS), in accordance with the advancement of information communication devices and an increase in convenience. ICS features and efficiency have been improved through a convergence with ICT technology but they are being exposed to external cyber attacks that take advantage of ICT technology vulnerabilities, and advanced persistent threats attack taking advantage of connectionless devices such as a USB. In particular, malwares that enter infrastructure control system through portable storage device are causing direct/indirect damages to infrastructure and becoming a significant social issue. This paper developed a security patch system for ensuring the stability of a portable storage device data. Specifically, it was designed to create an isolated space for a connectionless device and to execute a selective patch. Based on this study, a safe utilization of infrastructure will be expected.
This is a preview of subscription content, log in via an institution to check access.
Similar content being viewed by others
References
Bang J, Yoo B, Lee S (2010) Secure USB bypassing tool. Digit Investig 7:S114–S120
Bushmitch D, Memon N, Narayanan S (2007) Computer network security system employing portable storage device. US Patent No. 7,228,438, 5 June 2007
Dalesioa LR, Hilla JO, Kraimerb M, Lewisc S, Murray D, Huntd S, Watsone W, Clausenf M, Dalesiog J (1994) The experimental physics and industrial control system architecture: past, present, and future. Nucl Instrum Methods Phys Res Sect A Accel Spectrom Detect Assoc Equip 352.1:179–184
Elteto L, Grove B, Sotoodeh M (2003) Driverless USB security token. US Patent Application 10/704,999
Jeong H et al (2007) Vulnerability analysis of secure USB flash drives. In: IEEE international workshop on memory technology, design and testing (MTDT’07). IEEE
Kung G, Learmonth T (2002) Secure attachment of portable data storage device. US Patent Application 10/273,775
Li J (2006) USB-compliant personal key. US Patent Application 11/390,587
LI J et al (2008) Security monitoring technology of USB storage device based on driver layer [J]. Comput Eng 8:092
Ziv A, Bychkov E (2009) Apparatus and method for securing data on a portable storage device. US Patent No. 7,478,248, 13 Jan 2009
Byres E, Lowe J (2004) The myths and facts behind cyber security risks for industrial control systems. In: Proceedings of the VDE-Kongress, vol 116
Fukuda T, Shibata T (1992) Theory and applications of neural networks for industrial control systems. IEEE Trans Ind Electron 39(6):472–489
Stouffer K, Falco J, Scarfone K (2011) Guide to industrial control systems (ICS) security. NIST Special Publication, Gaithersburg, MD, pp 800–882
Langner R (2011) Stuxnet: dissecting a cyberwarfare weapon. Secur Priv IEEE 9(3):49–51
Chen TM (2010) Stuxnet, the real start of cyber warfare? [Editor’s Note]. Netw IEEE 24(6):2–3
Weiss J (2014) Industrial Control System (ICS) cyber security for water and wastewater systems. In: Clark RM, Hakim S (eds) Securing water and wastewater systems. Springer, New York, pp 87–105
Lemay A, Fernandez J, Knight S (2013) An isolated virtual cluster for SCADA network security research. In: Proceedings of the 1st international symposium for ICS & SCADA cyber security research
Acknowledgments
This work was supported by the Human Resources Development (No. 20154030200860) of the Korea Institute of Energy Technology Evaluation and Planning (KETEP) grant funded by the Korea government Ministry of Trade, Industry and Energy.
Author information
Authors and Affiliations
Corresponding author
Rights and permissions
About this article
Cite this article
Na, O., Lee, JP. & Chang, H. Intelligent secure patching service for enhancing infrastructure control system performance. J Supercomput 72, 3468–3477 (2016). https://doi.org/10.1007/s11227-015-1491-z
Published:
Issue Date:
DOI: https://doi.org/10.1007/s11227-015-1491-z