repository
Industrial IoT 기반의 제어 시스템을 위한 통합 보안 프레임워크
- Alternative Title
- Integrated Security Framework for Industrial IoT-based Control System
- Author(s)
- 이석철
- Advisor
- 손태식
- Department
- 일반대학원 컴퓨터공학과
- Publisher
- The Graduate School, Ajou University
- Publication Year
- 2018-08
- Language
- eng
- Keyword
- Industrial IoT; Control System; Security; Framework; Assessment
- Alternative Abstract
- In modern society introduced Industrial 4.0, Information and Communication Technology (ICT) such as Supervisory Control and Data Acquisition (SCADA) is applied to industrial control systems (ICS) applied to various fields such as power, factory, and financial is applied. Especially, in the field of power systems, ICT such as Industrial Internet of Things (IoT) is applied for efficient radio measurement. As a result, existing stand-alone systems have increased contact points with external networks. However, in case of most ICS, there is a lack of security guideline and operation guidance for a newly changed environment. Accordingly, various countermeasures have been developed to protect ICT-based ICS from cyber attacks. However, it is difficult to cope with cyber attacks that are evolving, such as potential security threats or Advanced Persistent Threat (APT). In order to effectively and proactively respond to new security threats including APT attacks, it is needed to understand and inspect the current security status of the system. It is necessary to identify the security requirements on the basis of the checked contents and establish an appropriate security response structure accordingly, thereby improving the security of the intelligent and open ICS and ensuring social safety. In this paper, we propose an Integrated Security Framework consisting of three steps to improve the security level of ICS environment using Industrial IoT technology. The first step is the 'vulnerability inspection' stage to check for potential security threats using the OSINT technique preemptively. The second step is the 'security architecture modeling' stage, where security functions are deployed by analyzing the security requirements necessary to mitigate the threats of the ICS environment. The third step is a 'system assessment' stage to evaluate the security vulnerability of the system using the security vulnerability quantification technique based on Game theory. And a case study showing that the security of ICS environment can be improved by verifying the proposed framework for ICS network composed of the analysis of reference models.
- Fulltext
- Appears in Collections:
- Graduate School of Ajou University > Department of Computer Engineering > 3. Theses(Master)
- Files in This Item:
- There are no files associated with this item.
Items in DSpace are protected by copyright, with all rights reserved, unless otherwise indicated.
-
- License
- STATISTICS
- Total Visit :3,553,007
- Total Download :1,795
- Today View :15,373
