2.2 ICS-Targeting Malware Analysis

In recent years, more and more malware took ICSs as targets, causing an increasingly great damage.

The following sections analyze major ICS-targeting malware. (more…)

Typical ICS Security Incidents

As ICSs are increasingly informatized and open, more and more attacks are hitting ICSs, doing an increasing harm. ICS-targeted attacks use the IT network as a springboard to affect the operating of OT systems. Currently, attacks against ICSs are carried out to achieve three purposes: disrupting the normal operating of ICSs, obtaining ICS data, and making financial gains. (more…)

Technical Trend of ICS Information Security

1.3.1 General Introduction

As the application of IT technologies in industrial fields is expanding in breadth and depth, ICSs are facing an increasing number of security risks. ICSs’ original security protection systems which
feature border separation and protection tend to be associated and integrated with business. With the emergence of new application forms such as industrial clouds and industrial big data, ICS security products need to surpass the existing products in terms of functions and application form, so as to better adapt to new applications. (more…)

Development of ICS Information Security

Since the Stuxnet virus explosion, countries all over the world have taken ICS security issues to a new height by actively working out and introducing related policies, standards, technologies, and solutions.

A look into ICS security developments around the world reveals that the USA is the first to research and implement ICS security standards. North America Electric Reliability Corporation has conducted security checks on electric power (including nuclear power) enterprises according to requirements defined in CIP series standards. Europe has inspected security of industrial control products in accordance with WIB standards. Some counties represented by Germany are diverting their efforts to ICS security in compliance with ISO 27009. Japan, in line with requirements of IEC 62443 and Achilles Certification, stipulated in 2013 that all ICS products can be applied in the country only after they are certified by national standards. Also, this country has conducted ICS security checks and construction in energy, chemical, and other critical sectors. Israel has set up a state-level ICS product security inspection center to perform security inspection on ICS products before they are connected to networks. (more…)

1.2 Development of ICS Information Security

As industrial informatization advances at a rapid pace and the industrial Internet, industrial clouds, and other new technologies spring up, information and network technologies and IoT technologies have found wide application in smart grid systems, intelligent transportation systems, and industrial production systems.

For the sake of inter-system collaboration and information sharing, ICSs are breaking out of the traditional model of previous dedicated systems that run in a closed-off manner and begin to incorporate some standard and universal communication protocols and software and hardware systems. Some ICSs can even connect to the Internet in one way or another, thus breaking the protection barrier formed by the enclosed network, but exposing those systems to more threats.

As ICSs are most commonly seen in a country’s critical industries such as electricity, transportation, petrochemical, and nuclear sectors, cyberattacks targeting those systems will cause a more serious social impact and economic loss. Out of political, military, economic, and religious reasons, adversary organizations and countries and terrorist criminals can make industrial control systems their attack targets for malicious intents. (more…)

Development of ICS Security

1.1 Development of Industrial Intelligence

The following figure shows the development history of industrial control systems (ICSs).

The history of ICSs can date back to the 18th century when James Watt improved the steam engine by adding a throttling controller, i.e., a centrifugal governor. The centrifugal governor works like this: It obtains feedback signals by using a shaft around which it rotates with the steam engine. Also, it adjusts the positions of flyballs with the aid of centrifugal force, so as to regulate the steam throttle for control of the rotational speed of the steam engine. It is believed that this kind of centrifugal governor marks the beginning of automatic regulation and automatic control. (more…)