Industrial IoT 기반의 제어 시스템을 위한 통합 보안 프레임워크
Integrated Security Framework for Industrial IoT-based Control System
- 주제(키워드) Industrial IoT , Control System , Security , Framework , Assessment
- 발행기관 아주대학교
- 지도교수 손태식
- 발행년도 2018
- 학위수여년월 2018. 8
- 학위명 박사
- 학과 및 전공 일반대학원 컴퓨터공학과
- 실제URI http://www.dcollection.net/handler/ajou/000000027771
- 본문언어 영어
- 저작권 아주대학교 논문은 저작권에 의해 보호받습니다.
초록/요약
In modern society introduced Industrial 4.0, Information and Communication Technology (ICT) such as Supervisory Control and Data Acquisition (SCADA) is applied to industrial control systems (ICS) applied to various fields such as power, factory, and financial is applied. Especially, in the field of power systems, ICT such as Industrial Internet of Things (IoT) is applied for efficient radio measurement. As a result, existing stand-alone systems have increased contact points with external networks. However, in case of most ICS, there is a lack of security guideline and operation guidance for a newly changed environment. Accordingly, various countermeasures have been developed to protect ICT-based ICS from cyber attacks. However, it is difficult to cope with cyber attacks that are evolving, such as potential security threats or Advanced Persistent Threat (APT). In order to effectively and proactively respond to new security threats including APT attacks, it is needed to understand and inspect the current security status of the system. It is necessary to identify the security requirements on the basis of the checked contents and establish an appropriate security response structure accordingly, thereby improving the security of the intelligent and open ICS and ensuring social safety. In this paper, we propose an Integrated Security Framework consisting of three steps to improve the security level of ICS environment using Industrial IoT technology. The first step is the 'vulnerability inspection' stage to check for potential security threats using the OSINT technique preemptively. The second step is the 'security architecture modeling' stage, where security functions are deployed by analyzing the security requirements necessary to mitigate the threats of the ICS environment. The third step is a 'system assessment' stage to evaluate the security vulnerability of the system using the security vulnerability quantification technique based on Game theory. And a case study showing that the security of ICS environment can be improved by verifying the proposed framework for ICS network composed of the analysis of reference models.
more목차
Chapter 1 Introduction 1
1.1 Overall Framework 3
1.2 Contribution to the Field 5
1.3 Thesis Outline 6
Chapter 2 Background and Related Works 7
2.1 Security Frameworks 9
2.2 Related Methodologies 16
Chapter 3 Integrated Security Framework 29
3.1 Part1: Vulnerability Inspection 31
3.2 Part2: Security Architecture Modeling 35
3.3 Part3: System Assessment 43
Chapter 4 Experiment and Verification 53
4.1 Target System Modeling 53
4.2 Security Level Enhancement 56
4.3 Model Assessment 65
Chapter 5 Conclusion 84
5.1 Summary 84
5.2 Future Work 85
5.3 Closing Remarks 85
