Research on Security of Industrial Control Systems (ICS)

Publisher: 雅逸之风 Latest update time: 2010-08-09 Source: 网络安全技术与应用

0 Introduction

Modern industrial control systems include process control systems, data acquisition systems (SCADA), distributed control systems (DCS), programmable logic controllers (PLC) and other control systems. They are used in power, water, petrochemical, medicine, food, automobile, aerospace and other industrial fields, have become an important part of the country's key infrastructure, and bear on the country's strategic security. For this reason, the National Information Security Standardization "Eleventh Five-Year Plan" specifically makes the formulation of industrial CS security standards a focus of information security standardization work during the "Eleventh Five-Year Plan" period.

Compared with traditional TCP/IP-based network and information systems, the security protection level of industrial CS in our country is significantly lower and has long received little attention. Because traditional industrial CS technology has limited computing resources, most industrial CS were designed with only efficiency and real-time behavior in mind, and security was not treated as an important design criterion. With the promotion of informatization and the acceleration of industrialization, more and more computer and network technologies are being applied to industrial control systems. While this greatly benefits industrial production, it also brings security problems to industrial CS, such as Trojans, viruses, and network attacks that cause information leakage and tampering with control instructions.

Figure 1 shows the statistics of industrial CS security incidents in the United States since 1982. Compared with attacks on the Internet, these numbers are much smaller. However, due to the particularity of industrial CS, each incident represents a huge impact on the lives and production of the general public, and the economy suffers significant losses or even declines.
[Figure 1: Statistics of industrial CS security incidents in the United States since 1982]

Many important information systems that the country's key infrastructure relies on are ICS in terms of technical characteristics, rather than the traditional TCP/IP networks we are familiar with. Their security is the key to the stable operation of the national economy and the enemy's key attack target in information warfare. The consequences of attacks are extremely serious.

On the other hand, system complexity, human accidents, operational errors, equipment failures and natural disasters can also damage industrial CS. Since modern computer and network technologies were integrated into industrial CS, the security issues common on traditional TCP/IP networks have appeared on industrial CS as well. For example, users can install and run arbitrary application software and browse arbitrary websites. Such behavior not only reduces work efficiency and wastes system resources, but is also the main path by which malicious code such as viruses and Trojans enters the system.

1.2 Analysis of CS Vulnerabilities

(1) There are flaws in strategy and implementation

The vulnerability of industrial control systems is usually caused by the lack of complete and reasonable policy documents or of effective implementation processes. Security policy documents and management support are the basis of system security. Mandatory enforcement of effective security policies in the system is a prerequisite for reducing the security risks the system faces.

(2) Platform weaknesses

Because the technical security protection of industrial CS terminals is very weak, viruses, Trojans, hackers and other attacks exploit these weaknesses: they start on the terminal and then infect or damage other systems through the network. The fact is that all intrusion attacks are initiated from the terminal. Hackers use vulnerabilities in the attacked system to steal superuser privileges and cause wilful damage. Virus injection is also initiated from the terminal: the virus program takes advantage of the operating system not checking the consistency of the code it executes, embeds the virus code into an executable program, and spreads from there. More seriously, there is no strict access control even for legitimate users, so unauthorized access is possible and can lead to security incidents.

(3) Network weaknesses

The network weaknesses of industrial CS usually come from software vulnerabilities, misconfiguration or mistakes in industrial CS network management. In addition, the lack of security boundary control where industrial CS connects to other networks is a common security risk. Network design based on the "defense in depth" concept, together with network communication encryption, network traffic control, physical access control and other measures, can effectively avoid the network weaknesses of industrial CS.

1.3 Possible security incidents

Factors that may lead to industrial safety incidents include:

(1) Denial of service of the control system;
(2) Unauthorized modification of programmable instructions in PLC, DCS or SCADA, causing changes in alarm thresholds or damage to the equipment itself;
(3) False information is sent to the operator of the control system, causing the operator to take incorrect actions;
(4) Modification of the software or configuration settings of the control system;
(5) Malware (such as viruses, worms, Trojan horses, etc.) is introduced into the system.

2 An active safety solution for industrial CS

In the industrial CS and its computing environment, the objects to be protected include the servers and clients in the user application environment and the operating systems and application systems installed on them. The system consists of two modules, a security management platform and a security terminal, as shown in Figure 2.

[Figure 2: Security management platform and security terminal]

Security management platform: responsible for the formulation, maintenance and distribution of security policies for each terminal in its network; strict management mode: only allow terminals to install and use business-related application software, and prohibit the installation and use of all entertainment software, chat software, financial management software, etc.

Security terminal: The most prominent feature of the security control system is that the terminal application is relatively fixed. To prevent traditional malware such as viruses or Trojans, the most direct way is to check the authenticity and integrity of the application before loading it. However, with the continuous improvement of attack methods, the strength of this security control measure has become insufficient, because attacks such as rootkits will damage the underlying code and system services of the operating system. Therefore, effective trustworthy checks must also be performed on the static and dynamic contents of the operating system. The deep-level terminal defense system is shown in Figure 3.

At present, the main way Trojans operate is to insert illegitimate dynamic libraries into a host process in order to hide the Trojan process itself. Based on this principle, API hooking (HOOK API) technology is used to "hook" all process creation and dynamic library loading calls in the system, so that the loading of every executable file in the system is monitored. Integrity verification then determines whether loading a given executable module is legitimate, which provides automatic defense against malicious code such as Trojans and viruses. The basis for the decision is the whitelist of trusted applications formulated and issued by the management platform.
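The load-time decision described above can be sketched as follows. This is an added example, not code from the original article: it models only the check a load hook would call, with the hook assumed to supply the module path and its bytes. The HMAC tag on the distributed whitelist, the key, the paths and the module bytes are assumptions constructed for illustration.

```python
import hashlib
import hmac
import json

# Constructed sample data: the key, paths and module bytes are illustrative.
POLICY_KEY = b"constructed-demo-key"
HMI_IMAGE = b"MZ constructed HMI client image"

def sha256_hex(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()

def issue_policy(key: bytes, whitelist: dict) -> dict:
    """Management platform: serialize the whitelist and tag it (assumed HMAC scheme)."""
    body = json.dumps(whitelist, sort_keys=True).encode()
    return {"body": body, "tag": hmac.new(key, body, hashlib.sha256).hexdigest()}

def load_policy(key: bytes, policy: dict) -> dict:
    """Terminal: refuse a whitelist whose tag does not verify."""
    expected = hmac.new(key, policy["body"], hashlib.sha256).hexdigest()
    if not hmac.compare_digest(expected, policy["tag"]):
        raise ValueError("whitelist policy failed authentication")
    return json.loads(policy["body"])

def check_load(whitelist: dict, path: str, image: bytes) -> tuple:
    """Decision the load hook would enforce for one executable or library."""
    expected = whitelist.get(path.lower())  # Windows paths are case-insensitive
    if expected is None:
        return (False, "not on whitelist")  # unknown module, e.g. an inserted DLL
    if not hmac.compare_digest(expected, sha256_hex(image)):
        return (False, "integrity mismatch")  # listed file was modified
    return (True, "trusted")

def demo() -> dict:
    policy = issue_policy(POLICY_KEY, {r"c:\scada\hmi.exe": sha256_hex(HMI_IMAGE)})
    whitelist = load_policy(POLICY_KEY, policy)
    return {
        "clean": check_load(whitelist, r"C:\SCADA\hmi.exe", HMI_IMAGE),
        "patched": check_load(whitelist, r"C:\SCADA\hmi.exe", HMI_IMAGE + b"\x90"),
        "unknown_dll": check_load(whitelist, r"C:\Temp\helper.dll", b"MZ unlisted"),
    }

if __name__ == "__main__":
    for name, decision in demo().items():
        print(name, decision)
```

Because unlisted modules are denied by default, the check does not depend on recognizing a particular piece of malware, which is why the approach also covers unknown code.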

[Figure 3: Deep-level terminal defense system]

3 Conclusion

At present, the network security architecture of industrial control systems has largely evolved from applying general information security technology to the specific environment of industrial control systems. Industrial control systems face most of the security issues of general information systems, and also have security needs of their own.

In this paper, based on the security characteristics of industrial control systems and combined with integrity measurement technology, we proposed a dynamic security model for industrial control systems, which effectively addresses the difficulty of implementing security policies in industrial control systems and the security weaknesses of the platform. It can not only prevent known viruses and Trojans, but is also immune to unknown malicious code, and can ensure the continuity of industrial control system operations.
