Title
Software-Defined Networking approaches for intrusion response in Industrial Control Systems: A surveyVersion
Published version
Rights
© 2023 The AuthorsAccess
Open accessPublisher’s version
https://doi.org/10.1016/j.ijcip.2023.100615Published at
International Journal of Critical Infrastructure Protection Vol. 42. N. art. 100615Publisher
ElsevierKeywords
Software defined networking
Industrial Control Systems
Cyber-Physical Systems
Critical Infrastructure ... [+]
Industrial Control Systems
Cyber-Physical Systems
Critical Infrastructure ... [+]
Software defined networking
Industrial Control Systems
Cyber-Physical Systems
Critical Infrastructure
Intrusion response [-]
Industrial Control Systems
Cyber-Physical Systems
Critical Infrastructure
Intrusion response [-]
Abstract
Industrial Control Systems (ICSs) are a key technology for life-sustainability, social development and economic progress used in a wide range of industrial solutions, including Critical Infrastructure ... [+]
Industrial Control Systems (ICSs) are a key technology for life-sustainability, social development and economic progress used in a wide range of industrial solutions, including Critical Infrastructures (CIs), becoming the primary target for multiple security attacks. With the increase of personalized and sophisticated attacks, the need for new tailored ICS cybersecurity mechanisms has increased exponentially, complying with specific ICS requirements that Information Technology (IT) security systems fail to meet. In this survey, a comprehensive study of ICS intrusion response is conducted, focusing on the use of Software-Defined Networking (SDN) for the development of intrusion response strategies in ICS. With its centralized control plane, increased programmability and global view of the entire network, SDN enables the development of intrusion response solutions that provide a coordinated response to mitigate attacks. Through the survey, an analysis of ICS security requirements and the applicability of SDN is conducted, identifying the advantages and disadvantages compared to traditional networking and protocols. Furthermore, a taxonomy on intrusion response strategies is presented, where different proposals are discussed and categorized according to intrusion response strategy and deployment environment characteristics. Finally, future research directions and challenges are identified. [-]
Funder
Gobierno VascoGobierno Vasco
Diputación Foral de Gipuzkoa
Program
Ikertalde Convocatoria 2022-2025Elkartek 2023
Programa de apoyo a la Red guipuzcoana de Ciencia, Tecnología e Innovación
Number
IT1676-22KK-2023-00085
2022-CIEN-000065-01
Award URI
Sin informaciónSin información
Sin información
Project
Grupo de sistemas inteligentes para sistemas industrialescyBErsecure industriAl Computing cONtinuum (BEACON)
Gauza industrial ziberseguruak hodei ziberseguruetan (GAITZERDI)
Collections
- Articles - Engineering [700]
The following license files are associated with this item: