Skip to main content

Advertisement

Springer Nature Link
Log in
Menu
Find a journal Publish with us Track your research
Search
Saved research
Cart
  1. Home
  2. Critical Infrastructure Protection II
  3. Conference paper

Applying Trusted Network Technology To Process Control Systems

  • Conference paper
  • pp 57–70
  • Cite this conference paper
Save conference paper
View saved research
Critical Infrastructure Protection II (ICCIP 2008)
Applying Trusted Network Technology To Process Control Systems
  • Hamed Okhravi2 &
  • David Nicol2 

Part of the book series: The International Federation for Information Processing ((IFIPAICT,volume 290))

Included in the following conference series:

  • International Conference on Critical Infrastructure Protection
  • 2035 Accesses

  • 7 Citations

Interconnections between process control networks and enterprise networks expose instrumentation and control systems and the critical infrastructure components they operate to a variety of cyber attacks. Several architectural standards and security best practices have been proposed for industrial control systems. However, they are based on older architectures and do not leverage the latest hardware and software technologies. This paper describes new technologies that can be applied to the design of next generation security architectures for industrial control systems. The technologies are discussed along with their security benefits and design trade-offs.

Download to read the full chapter text

Chapter PDF

Similar content being viewed by others

Using machine learning to detect network intrusions in industrial control systems: a survey

Article 08 November 2024

An Approach to Building Cyber-Resistant Interactions in the Industrial Internet of Things

Article 01 December 2019

Software Defined Networking Opportunities for Intelligent Security Enhancement of Industrial Control Systems

Chapter © 2018

Explore related subjects

Discover the latest articles, books and news in related subjects, suggested using machine learning.
  • Computer Networks
  • Cyber-Physical Systems
  • Industrial Automation
  • Internet of Things
  • Mobile and Network Security
  • Security Science and Technology
  • Internet of Things Applications in Smart Environments

References

  1. E. Byres, B. Chauvin, J. Karsch, D. Hoffman and N. Kube, The special needs of SCADA/PCN firewalls: Architectures and test results, Proceedings of the Tenth IEEE Conference on Emerging Technologies and Factory Automation, 2005.

    Google Scholar 

  2. E. Byres, D. Leversage and N. Kube, Security incident and trends in SCADA and process industries: A statistical review of the Industrial Security Incident Database (ISID), White Paper, Symantec Corporation, Cupertino, California, 2007.

    Google Scholar 

  3. E. Byres and J. Lowe, The myths and facts behind cyber security risks for industrial control systems, Proceedings of the VDE Congress, pp. 213–218, 2004.

    Google Scholar 

  4. D. Capite, Self-Defending Networks: The Next Generation of Network Security, Cisco Press, Indianapolis, Indiana, 2006.

    Google Scholar 

  5. Cisco Systems, Implementing Network Admission Control — Phase One Configuration and Deployment, Version 1.1, San Jose, California, 2005.

    Google Scholar 

  6. Cisco Systems, Cisco TrustSec: Enabling switch security services, San Jose, California (www.cisco.com/en/US/solutions/collateral/ns340/ns3 94/ns147/ns774/net implementation_white_paper0900aecd80716abd.pdf), 2007.

    Google Scholar 

  7. Cisco Systems, Cisco NAC Appliance — Clean Access Manager Installation and Configuration Guide, Release 4.1(3), San Jose, California (www.cisco.com/en/US/docs/security/nac/appliance/configuration.guide/413/ cam/cam413ug.pdf), 2008.

  8. Cisco Systems, Getting started with Cisco NAC network modules in Cisco access routers, San Jose, California (www.cisco.com/en/US/docs/security /nac/appliance/installation.guide/netmodule/nacnmgsg.pdf),2008.

    Google Scholar 

  9. Cisco Systems and Microsoft Corporation, Cisco Network Admission Control and Microsoft Network Access Protection Interoperability Architecture, Redmond, Washington (www.microsoft.com/presspass/events/ssc /docs/CiscoMSNACWP.pdf), 2006.

    Google Scholar 

  10. M. Franz and D. Miller, Industrial Ethernet security: Threats and counter measures (www.threatmind.net/papers/franz-miller-industrial-ethernet-se c-03.pdf), 2003.

    Google Scholar 

  11. Industrial Automation Open Networking Association, The IAONA Handbook for Network Security, Version 1.3, Magdeburg, Germany (www.iaona.org/pictures/files/1122888138-IAONAHNS1_3-reduced_050 725.pdf), 2005.

  12. Instrumentation, Systems and Automation Society, Integrating Electronic Security into the Manufacturing and Control Systems Environment, ANSI/ISA Technical Report TR99.00.02-2004, Research Triangle Park, North Carolina, 2004.

    Google Scholar 

  13. Microsoft Corporation, Network access protection platform architecture, Redmond, Washington (www.microsoft.com/technet/network/nap/nap arch.mspx),2004.

  14. MITRE Corporation, CAPEC: Common Attack Pattern Enumeration and Classification, Bedford, Massachusetts (capec mitre.org).

    Google Scholar 

  15. North American Electric Reliability Council, SQL slammer worm lessons learned for consideration by the electricity sector, Princeton, New Jersey (www.esisac.com/publicdocs/SQLSlammer_2003.pdf), 2003.

  16. Office of Nuclear Reactor Regulation, Potential vulnerability of plant computer network to worm infection, NRC Information Notice 2003-14, Nuclear Regulatory Commission, Washington, DC (www.nrc.gov/reading-rm/doc-collections/gen-comm/info-notices/2003/in200314.pdf),2003.

  17. R. Ross, S. Katzke, A. Johnson, M. Swanson, G. Stoneburner and G. Rogers, Recommended Security Controls for Federal Information Systems, NIST Special Publication 800–53, National Institute of Standards and Technology, Gaithersburg, Maryland, 2005.

    Google Scholar 

  18. M. Sopko and K. Winegardner, Process control network security concerns and remedies, IEEE Cement Industry Technical Conference Record, pp. 26–37, 2007.

    Google Scholar 

  19. K. Stouffer, J. Falco and K. Scarfone, Guide to Industrial Control Systems Security, Second Public Draft, NIST Special Publication 800–82, National Institute of Standards and Technology, Gaithersburg, Maryland, 2007.

    Google Scholar 

  20. Trusted Computing Group, Trusted network connect to ensure endpoint integrity, Beaverton, Oregon (www.trustedcomputinggroup.org/groups /network/TNC_NI_collateral_10_may.pdf), 2005.

  21. A. Wool, A quantitative study of firewall configuration errors, IEEE Computer, vol. 37(6), pp. 62–67, 2004.

    Article  Google Scholar 

Download references

Author information

Authors and Affiliations

  1. University of Illinois, Chicago, USA

    Hamed Okhravi (Ph.D. candidate) & David Nicol (Professor of Electrical and Computer Engineering)

Authors
  1. Hamed Okhravi
    View author publications

    Search author on:PubMed Google Scholar

  2. David Nicol
    View author publications

    Search author on:PubMed Google Scholar

Editor information

Editors and Affiliations

  1. University of Tulsa, Tulsa, Oklahoma, USA

    Mauricio Papa & Sujeet Shenoi & 

Rights and permissions

Reprints and permissions

Copyright information

© 2008 IFIP International Federation for Information Processing

About this paper

Cite this paper

Okhravi, H., Nicol, D. (2008). Applying Trusted Network Technology To Process Control Systems. In: Papa, M., Shenoi, S. (eds) Critical Infrastructure Protection II. ICCIP 2008. The International Federation for Information Processing, vol 290. Springer, Boston, MA. https://doi.org/10.1007/978-0-387-88523-0_5

Download citation

  • .RIS
  • .ENW
  • .BIB
  • DOI: https://doi.org/10.1007/978-0-387-88523-0_5

  • Publisher Name: Springer, Boston, MA

  • Print ISBN: 978-0-387-88522-3

  • Online ISBN: 978-0-387-88523-0

  • eBook Packages: Computer ScienceComputer Science (R0)Springer Nature Proceedings Computer Science

Share this paper

Anyone you share the following link with will be able to read this content:

Sorry, a shareable link is not currently available for this article.

Provided by the Springer Nature SharedIt content-sharing initiative

Keywords

  • Process control systems
  • trusted networks
  • security architectures

Publish with us

Policies and ethics

Search

Navigation

  • Find a journal
  • Publish with us
  • Track your research

Footer Navigation

Discover content

  • Journals A-Z
  • Books A-Z
  • Subjects A-Z

Publish with us

  • Journal finder
  • Publish your research
  • Language editing
  • Open access publishing

Products and services

  • Our products
  • Librarians
  • Societies
  • Partners and advertisers

Our brands

  • Springer
  • Nature Portfolio
  • BMC
  • Palgrave Macmillan
  • Apress
  • Discover

Corporate Navigation

  • Your US state privacy rights
  • Accessibility statement
  • Terms and conditions
  • Privacy policy
  • Help and support
  • Legal notice
  • Cancel contracts here

104.23.243.58

Not affiliated

Springer Nature

© 2026 Springer Nature