This article has been accepted for inclusion in a future issue of this journal. Content is final as presented, with the exception of pagination.
INVITED PAPER

The Cybersecurity Landscape in Industrial Control Systems

By Stephen McLaughlin, Charalambos Konstantinou, Xueyang Wang, Lucas Davi, Ahmad-Reza Sadeghi, Michail Maniatakos, and Ramesh Karri
ABSTRACT | Industrial control systems (ICSs) are transitioning from legacy electromechanical-based systems to modern information and communication technology (ICT)-based systems, creating a close coupling between cyber and physical components. In this paper, we explore the ICS cybersecurity landscape including: 1) the key principles and unique aspects of ICS operation; 2) a brief history of cyberattacks on ICS; 3) an overview of ICS security assessment; 4) a survey of uniquely-ICS testbeds that capture the interactions between the various layers of an ICS; and 5) current trends in ICS attacks and defenses.
KEYWORDS | Computer security; industrial control; networked control systems; power system security; SCADA systems; security
I. INTRODUCTION
Modern industrial control systems (ICSs) use information and communication technologies (ICTs) to control and automate stable operation of industrial processes [1], [2]. ICSs interconnect, monitor, and control processes in a variety of industries such as electric power generation, transmission and distribution, chemical production, oil and gas, refining, and water desalination. The security of ICSs is receiving attention due to their increasing connection to the Internet [3]. ICS security vulnerabilities can be attributed to several factors: the use of microprocessor-based controllers, the adoption of open communication standards and protocols, and complex distributed network architectures. The security of ICSs has come under particular scrutiny owing to attacks on critical infrastructures [4], [5].
Traditional IT security solutions fail to address the coupling between the cyber and physical components of an ICS [6]. According to NIST [1], ICSs differ from traditional IT systems in the following ways. 1) The primary goal of an ICS is to maintain the integrity of the industrial process. 2) ICS processes are continuous and hence need to be highly available; outages for repair must be planned and scheduled rather than imposed unexpectedly. 3) In an ICS, interactions with physical processes are central and often complex. 4) ICSs target specific industrial processes and may not have spare resources for additional capabilities such as security. 5) In ICSs, timely response to human input and physical sensors is critical. 6) ICSs use proprietary communication protocols to control field devices. 7) ICS components are replaced infrequently (15–20 years or longer). 8) ICS components are distributed and isolated and hence difficult to physically access for repair and upgrade.
Attacks on ICSs are happening at an alarming pace, and the cost of these attacks is substantial for both governments and industries [7]. Cyberattacks against oil and gas infrastructure are estimated to cost the companies $1.87 billion by 2018 [8]. Until 2001, most attacks originated inside the targeted company. Recently, attacks from outside a company are becoming frequent. This is due to the use of commercial off-the-shelf (COTS) devices, open applications and operating systems, and increasing connection of the ICS to the Internet.

Manuscript received August 31, 2015; revised November 19, 2015; accepted December 19, 2015. This work was supported in part by the German Science Foundation as part of Project S2 within the CRC 1119 CROSSING; by the European Union's Seventh Framework Programme under Grant 609611, PRACTICE project; and by the Intel Collaborative Research Institute for Secure Computing (ICRI-SC). The NYU researchers were also supported in part by Consolidated Edison, Inc., under Award 4265141; by the U.S. Office of Naval Research under Award N00014-15-1-2182; and by the NYU Center for Cyber Security (New York and Abu Dhabi).
S. McLaughlin is with KNOX Security, Samsung Research America, Mountain View, CA 94043 USA (e-mail: s.mclaughlin@samsung.com).
C. Konstantinou, X. Wang, and R. Karri are with the Polytechnic School of Engineering, New York University, Brooklyn, NY 11201 USA (e-mail: ckonstantinou@nyu.edu; rkarri@nyu.edu).
L. Davi and A.-R. Sadeghi are with Technische Universität Darmstadt, Darmstadt 64289, Germany (e-mail: lucas.davi@trust.cased.de; ahmad.sadeghi@trust.cased.de).
M. Maniatakos is with the Electrical and Computer Engineering Department, New York University Abu Dhabi, Abu Dhabi, UAE (e-mail: michail.maniatakos@nyu.edu).
Digital Object Identifier: 10.1109/JPROC.2015.2512235
0018-9219 © 2016 IEEE. Personal use is permitted, but republication/redistribution requires IEEE permission. See http://www.ieee.org/publications_standards/publications/rights/index.html for more information.
Proceedings of the IEEE
In an effort to keep up with the cyberattacks, cybersecurity researchers are investigating the attack surface and defenses for critical infrastructure domains such as the smart grid [9], oil and gas [10], and water SCADA [11]. This survey will focus on the general ICS cybersecurity landscape by discussing attacks and defenses at various levels of abstraction in an ICS, from the hardware to the process.
A. Industrial Control Systems
The general architecture of an ICS is shown in Fig. 1. The main components of an ICS include the following.
· Programmable logic controller (PLC): A PLC is a digital computer used to automate industrial electromechanical processes. PLCs control the state of output devices based on the signals received from the sensors and the stored programs. PLCs operate in harsh environmental conditions, such as excessive vibration and high noise [12]. PLCs control standalone equipment and discrete manufacturing processes.
· Distributed control system (DCS): A DCS is an automated control system in which the control elements are distributed throughout the system [13]. The distributed controllers are networked to remotely monitor processes. The DCS can remain operational even if a part of the control system fails. DCSs are often found in continuous and batch production processes which require advanced control and communication with intelligent field devices.
· Supervisory control and data acquisition (SCADA): SCADA is a computer system used to monitor and control industrial processes. SCADA monitors and controls field sites spread out over a geographically large area. SCADA systems gather data in real time from remote locations. Supervisory decisions are then made to adjust controls.
B. History of ICS Attacks
In an ICS, stable operation could be disrupted not only by an operator error or a failure at a production unit, but also by a software error/bug, malware, or an intentional cyber criminal attack [14]. In 2014 alone, the ICS Cyber Emergency Response Team (ICS-CERT) responded to 245 incidents. Numerous cyberattacks on ICS are summarized in Fig. 2. We elaborate on four ICS attacks that caused physical damage.
In 2007, Idaho National Laboratory staged the Aurora attack, in order to demonstrate how a cyberattack could destroy physical components of the electric grid [15]. The attacker gained access to the control network of a diesel generator. A malicious computer program was then run to rapidly open and close the circuit breakers of the generator, out of phase from the rest of the grid, resulting in an explosion of the diesel generator. Since most grid equipment uses legacy communications protocols that did not consider security, this vulnerability is an especial concern [16].
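The Aurora scenario above, rapid open/reclose of a generator breaker out of phase with the grid, lends itself to a simple detection check over breaker-operation records. The script below is an added example, not code from the paper or from the Idaho National Laboratory test. It assumes a constructed event log in which a sync-check relay reports the phase-angle difference across the breaker alongside each OPEN/CLOSE command, and it flags (a) any CLOSE issued while the angle exceeds a synchronism threshold and (b) more CLOSE operations on one breaker inside a short window than normal operation would produce. The log format, the breaker identifiers and the threshold values are assumptions for illustration.

```python
"""Flag Aurora-style breaker cycling in a breaker-operation log.

Added illustration; thresholds, log format and breaker names are assumed.
Log line format (assumed): "<t_seconds> <breaker_id> <OPEN|CLOSE> <angle_deg>"
where angle_deg is the phase-angle difference across the breaker as reported
by a sync-check relay at the moment the command was issued.
"""
from collections import defaultdict, deque

# Thresholds assumed for this example; real values come from the utility's
# sync-check relay settings and its protection engineering study.
MAX_SYNC_ANGLE_DEG = 10.0   # largest angle across a closing breaker considered safe
WINDOW_S = 30.0             # look-back window for counting CLOSE operations
MAX_CYCLES = 3              # more CLOSE commands than this within WINDOW_S is abnormal

# Constructed sample log, not a real capture. BRK-07 shows the attack pattern:
# repeated open/reclose with a large angle across the breaker. BRK-12 is a
# normal maintenance open followed by an in-sync reclose ten minutes later.
SAMPLE_LOG = """\
# t_seconds breaker_id action angle_deg
0.0 BRK-07 OPEN 0.5
1.2 BRK-07 CLOSE 95.0
2.1 BRK-07 OPEN 1.0
3.4 BRK-07 CLOSE 120.0
4.0 BRK-07 OPEN 0.8
5.3 BRK-07 CLOSE 88.0
6.2 BRK-07 OPEN 0.4
7.5 BRK-07 CLOSE 101.0
600.0 BRK-12 OPEN 0.3
1200.0 BRK-12 CLOSE 2.1
"""


def parse_line(line):
    """Parse one log line into (t, breaker, action, angle).

    Returns None for blank lines and '#' comments; raises ValueError on a
    malformed line so that corrupted input is noticed rather than skipped.
    """
    line = line.strip()
    if not line or line.startswith("#"):
        return None
    t, breaker, action, angle = line.split()
    action = action.upper()
    if action not in ("OPEN", "CLOSE"):
        raise ValueError(f"unknown breaker action: {action!r}")
    return float(t), breaker, action, float(angle)


def detect(lines):
    """Return a list of (t, breaker, kind) alerts over an iterable of log lines.

    kind is "out_of_sync_close" when a CLOSE is issued with |angle| above
    MAX_SYNC_ANGLE_DEG, and "rapid_cycling" when a breaker has received more
    than MAX_CYCLES CLOSE commands within the last WINDOW_S seconds.
    """
    alerts = []
    recent_closes = defaultdict(deque)  # breaker_id -> timestamps of CLOSE commands
    for line in lines:
        rec = parse_line(line)
        if rec is None:
            continue
        t, breaker, action, angle = rec
        if action != "CLOSE":
            continue  # only reclosing into an out-of-phase system stresses the machine
        if abs(angle) > MAX_SYNC_ANGLE_DEG:
            alerts.append((t, breaker, "out_of_sync_close"))
        window = recent_closes[breaker]
        window.append(t)
        while window and t - window[0] > WINDOW_S:
            window.popleft()  # drop CLOSE events older than the look-back window
        if len(window) > MAX_CYCLES:
            alerts.append((t, breaker, "rapid_cycling"))
    return alerts


if __name__ == "__main__":
    for t, breaker, kind in detect(SAMPLE_LOG.splitlines()):
        print(f"t={t:7.1f}s {breaker} {kind}")
```

The check is only meaningful if the angle and command records come from a device the attacker does not control, such as the protective relay itself; in the scenario above the attacker already holds the generator's control network, so telemetry sourced from the compromised controller could be forged. In practice the relay's own sync-check supervision of the close command is the primary control, and a log check like this one is a secondary detection that should raise an alarm on the first out-of-sync close rather than wait for the cycling count.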
In 2008, a pipeline in Turkey was hit by a powerful explosion, spilling over 30,000 barrels of oil in an area above a water aquifer. Further, it cost British Petroleum $5 million a day in transit tariffs. The attackers entered the system by exploiting vulnerabilities in the wireless camera communication software, and then moved deep into the internal network. The attackers tampered with the units used to alert the control room about malfunctions and leaks, and compromised PLCs at valve stations to increase pressure in the pipeline, causing the explosion.
In 2010, the Stuxnet computer worm infected PLCs at 14 industrial sites in Iran, including a uranium enrichment plant [4], [17]. It was introduced to the target system via an infected USB flash drive. Stuxnet then stealthily propagated through the network by infecting removable drives, copying itself to network shared resources, and exploiting unpatched vulnerabilities. The infected computers were instructed to connect to an external command and control server. The central server then reprogrammed the PLCs, and the compromised PLCs modified the operation of the centrifuges so that they tore themselves apart [18].

Fig. 1. General structure of an ICS. The industrial process data collected at remote sites are sent by field devices such as remote terminal units (RTUs), intelligent electronic devices (IEDs), and programmable logic controllers (PLCs), to the control center through wired and wireless links. The control server allows clients to access data using standard protocols. The human–machine interface (HMI) presents processed data to a human operator, by querying the time-stamped data accumulated in the data historian. The gathered data are analyzed, and control commands are sent to remote controllers.

McLaughlin et al.: The Cybersecurity Landscape in Industrial Control Systems
In 2015, two hackers demonstrated remote control of a vehicle [19]. The zero-day exploit gave the hackers wireless control of the vehicle. Software vulnerabilities in the vehicle entertainment system allowed the hackers to remotely control it, including dashboard functions, steering, brakes, and transmission, enabling malicious actions such as controlling the air conditioner and audio, disabling the engine and the brakes, and commandeering the wheel [20]. This is a harbinger of attacks in an automated manufacturing environment where intelligent robots cohabit and coordinate with humans.
C. Roadmap of This Paper
Cybersecurity assessment can reveal the obvious and nonobvious physical implications of ICS vulnerabilities on the target industrial processes. Cybersecurity assessment of ICSs for physical processes requires capturing the different layers of an ICS architecture. The challenges of creating a vulnerability assessment methodology are discussed in Section II. Cybersecurity assessment of an ICS requires the use of a testbed. The ICS testbed should help identify cybersecurity vulnerabilities as well as the ability of the ICS to withstand various types of attacks that exploit these vulnerabilities. In addition, the testbed should ensure that critical areas of the ICS are given adequate attention. This way one can lessen the costs of fixing cybersecurity vulnerabilities emerging from flaws in the design of ICS components and the ICS network. ICS testbeds are discussed in Section II. Discussion on how one can construct attack vectors appears in Section III. Attacks on ICSs have devastating physical consequences. Therefore, ICSs need to be designed for security robustness and tested prior to deployment. Control protocols should be fitted with security features and policies. ICSs should be reinforced by isolating critical operations and by removing unnecessary services and applications from ICS components. Extensive discussion on vulnerability mitigation appears in Section IV, followed by final remarks in Section V.
II. ICS VULNERABILITY ASSESSMENT
In this section, we review the different layers in an ICS and the vulnerability assessment process, outlining the cybersecurity assessment strategy, and discuss ICS testbeds for accurate vulnerability analyses in a lab environment.
A. The ICS Architecture and Vulnerabilities
The different layers of the ICS architecture are shown in Fig. 3.
1) Hardware Layer: Embedded components such as PLCs and RTUs are hardware modules executing software. Hardware attacks such as fault injection and backdoors can be introduced into these modules. These vulnerabilities in the hardware can be exploited by adversaries to gain access to stored information or to deny services. The hardware-level vulnerabilities concern the entire lifecycle of an ICS from design to disposal. Security in the processor supply chain is a major issue since hardware trojans can be injected at any stage of the supply chain, introducing potential risks such as loss of reliability and security [21], [22]. Unauthorized users can use JTAG ports—used for in-circuit test—to steal intellectual property, modify firmware, and reverse engineer logic [23]–[25]. Peripherals introduce vulnerabilities. For example, malicious USB drives can redirect communications by changing DNS settings or destroy the circuit board [26], [27]. Expansion cards, memory units, and communication ports pose a security threat as well [28]–[30].

Fig. 2. Timeline of cyberattacks on ICS and their physical impacts.
2) Firmware Layer: The firmware resides between the hardware and software. It includes data and instructions able to control the hardware. The functionality of firmware ranges from booting the hardware and providing runtime services to loading an operating system (OS). Due to the real-time constraints related to the operation of ICSs, firmware-driven systems typically adopt a real-time operating system (RTOS) such as VxWorks. In any case, vulnerabilities within the firmware could be exploited by adversaries to abnormally affect the ICS process. A recent study exploited vulnerabilities in a wireless access point and a recloser controller firmware [31]. Malicious firmware can be distributed from a central system in an

Fig. 3. Layered ICS architecture and the vulnerable components in the ICS stack.