OT Security

Global Industrial Cyber Security Professional (GICSP) The GICSP bridges together IT, engineering and cyber security to achieve security for industrial control systems from design through retirement. This unique vendor-neutral, practitioner focused industrial control system certification is a collaborative effort … [Read more...] about OT Security Certifications (GICSP, GRID, GCIP)

ATT&CK for ICS is a knowledge base useful for describing the actions an adversary may take while operating within an ICS network. The knowledge base can be used to better characterize and describe post-compromise adversary behavior. The MITRE ATT&CK for ICS Matrix is an overview of the tactics and techniques … [Read more...] about ATT&CK® for Industrial Control Systems (ICS)

As many industries shift towards centralised controlled information systems for monitoring and control, more importance is being placed upon technologies such as Supervisory Control and Data Acquisitions industrial systems (SCADA). This focus on integration and interoperability presents numerous challenges for security … [Read more...] about Convergence of IT and SCADA: Associated Security Threats and Vulnerabilities

The proliferation and application of machine learning based Intrusion Detection Systems (IDS) have allowed for more flexibility and efficiency in the automated detection of cyber attacks in Industrial Control Systems (ICS). However, the introduction of such IDSs has also created an additional attack vector; the … [Read more...] about Adversarial Attacks on Machine Learning Cybersecurity Defences in ICS

Industrial Control System (ICS) is a general term that includes supervisory control & data acquisition (SCADA) systems, distributed control systems (DCS), and other control system configurations such as programmable logic controllers (PLC). ICSs are often found in the industrial sectors and critical … [Read more...] about Cybersecurity for Industrial Control Systems: A Survey

Pipeline bursting, production lines shut down, frenzy traffic, trains confrontation, nuclear reactor shut down, disrupted electric supply, interrupted oxygen supply in ICU - these catastrophic events could result because of an erroneous SCADA system/ Industrial Control System(ICS). SCADA systems have become an … [Read more...] about Architecture and Security of SCADA Systems: A Review

Over the last years, Industrial Control Systems (ICS) have become increasingly exposed to a wide range of cyber-physical threats. Efficient models and techniques able to capture their complex structure and identify critical cyber-physical components are therefore essential. AND/OR graphs have proven very useful in this … [Read more...] about Assessing Cyber-Physical Security in Industrial Control Systems

Industrial Control Networks (ICN) such as Supervisory Control and Data Acquisition (SCADA) systems are widely used in industries for monitoring and controlling physical processes. These industries include power generation and supply, gas and oil production and delivery, water and waste management, telecommunication and … [Read more...] about Anomaly Detection for Industrial Control Networks using Machine Learning

Programmable Logic Controllers are used for smart homes, in production processes or to control critical infrastructures. Modern industrial devices in the control level are often communicating over proprietary protocols on top of TCP/IP with each other and SCADA systems. The networks in which the controllers operate are … [Read more...] about An IT-Security Fuzzing Framework for Proprietary ICS Protocols

While data from Supervisory Control And Data Acquisition (SCADA) systems is sent upstream, it is both the length of pulses as well as their frequency present an excellent opportunity to incor-porate statistical fingerprinting. This is so, because datagrams in SCADA traffic follow a poison distribution. Although … [Read more...] about Securing Big Data from Eavesdropping Attacks in SCADA/ICS Network Data Streams