A general real-time control approach of intrusion response for industrial automation systems
journal contributionposted on 2017-06-23, 13:46 authored by Shuang Huang, Chunjie Zhou, Naixue Xiong, Shuang-Hua Yang, Yuanqing Qin, Qi Zhang
Intrusion response is a critical part of security protection. Compared with IT systems, industrial automation systems (IASs) have greater timeliness and availability demands. Real-time security policy enforcement of intrusion response is a challenge facing intrusion response for IASs. Inappropriate enforcement of the security policy can influence normal operation of the control system, and the loss caused by this security policy may even exceed that caused by cyberattacks. However, existing research about intrusion response focuses on security policy decisions and ignores security policy execution. This paper proposes a general, real-time control approach based on table-driven scheduling of intrusion response in IASs to address the problem of security policy execution. Security policy consists of a security service group, with each type of security service supported by a realization task set. Realization tasks from several task sets can be combined to form a response task set. In the proposed approach, first, a response task set is generated by a nondominated sorting genetic algorithm (GA) II with joint consideration of security performance and cost. Then, the system is reconfigured through an integrated scheduling scheme where system tasks and response tasks are mapped and scheduled together based on a GA. Furthermore, results from both numerical simulations and a real-application simulation show that the proposed method can implement the security policy in time with little effect on the system.
This work was supported by the National Natural Science Foundation of China under Grant 61272204 and Grant 61433006.
- Computer Science
Published inIEEE Transactions on Systems, Man, and Cybernetics: Systems
Pages1021 - 1035
CitationHUANG, S. ... et al., 2016. A general real-time control approach of intrusion response for industrial automation systems. IEEE Transactions on Systems, Man, and Cybernetics: Systems, 46 (8), pp. 1021 - 1035.
- AM (Accepted Manuscript)
Notes© IEEE. Personal use of this material is permitted. Permission from IEEE must be obtained for all other uses, in any current or future media, including reprinting/republishing this material for advertising or promotional purposes, creating new collective works, for resale or redistribution to servers or lists, or reuse of any copyrighted component of this work in other works.