Better Safe Than Sorry: Risk Management Based on a Safety-Augmented Network Intrusion Detection System
Interconnected industrial control system (ICS) networks based on routable protocols are susceptible to remote attacks similar to classical information technology (IT) networks. However, addressing ICS security in an isolated view is dangerous since ICSs have to ensure safety measures for people, pro...
Ausführliche Beschreibung
Autor*in: |
Bernhard Brenner [verfasserIn] Siegfried Hollerer [verfasserIn] Pushparaj Bhosale [verfasserIn] Thilo Sauter [verfasserIn] Wolfgang Kastner [verfasserIn] Joachim Fabini [verfasserIn] Tanja Zseby [verfasserIn] |
---|
Format: |
E-Artikel |
---|---|
Sprache: |
Englisch |
Erschienen: |
2023 |
---|
Schlagwörter: |
Industrial control systems (ICSs) information technology (IT) / operational technology (OT) convergence |
---|
Übergeordnetes Werk: |
In: IEEE Open Journal of the Industrial Electronics Society - IEEE, 2020, 4(2023), Seite 287-303 |
---|---|
Übergeordnetes Werk: |
volume:4 ; year:2023 ; pages:287-303 |
Links: |
---|
DOI / URN: |
10.1109/OJIES.2023.3297057 |
---|
Katalog-ID: |
DOAJ096153423 |
---|
LEADER | 01000naa a22002652 4500 | ||
---|---|---|---|
001 | DOAJ096153423 | ||
003 | DE-627 | ||
005 | 20240413143012.0 | ||
007 | cr uuu---uuuuu | ||
008 | 240413s2023 xx |||||o 00| ||eng c | ||
024 | 7 | |a 10.1109/OJIES.2023.3297057 |2 doi | |
035 | |a (DE-627)DOAJ096153423 | ||
035 | |a (DE-599)DOAJ083780e36b044a569708374923db9b7c | ||
040 | |a DE-627 |b ger |c DE-627 |e rakwb | ||
041 | |a eng | ||
050 | 0 | |a TK7800-8360 | |
050 | 0 | |a T55.4-60.8 | |
100 | 0 | |a Bernhard Brenner |e verfasserin |4 aut | |
245 | 1 | 0 | |a Better Safe Than Sorry: Risk Management Based on a Safety-Augmented Network Intrusion Detection System |
264 | 1 | |c 2023 | |
336 | |a Text |b txt |2 rdacontent | ||
337 | |a Computermedien |b c |2 rdamedia | ||
338 | |a Online-Ressource |b cr |2 rdacarrier | ||
520 | |a Interconnected industrial control system (ICS) networks based on routable protocols are susceptible to remote attacks similar to classical information technology (IT) networks. However, addressing ICS security in an isolated view is dangerous since ICSs have to ensure safety measures for people, processes, and the environment. The safety and security of ICSs are often addressed separately, without considering their important interrelation. Safety measures can violate security policies (e.g., an emergency stop function accessible by anyone); likewise, a security incident can violate safety policies (e.g., by increasing reaction time). In this article, we propose a network-based intrusion detection system with the interrelation between safety and security in mind. It detects security incidents while evaluating possible safety-related consequences of both the detected attack and possible countermeasures. We evaluate our approach with a Proof of Concept (PoC). The alerts generated by the PoC prototype serve as the basis for a risk management strategy proposed in this article. Our approach provides a basis for safety-aware intrusion detection in smart factories and other cyber-physical systems. | ||
650 | 4 | |a Industrial control systems (ICSs) | |
650 | 4 | |a incident response | |
650 | 4 | |a information technology (IT) / operational technology (OT) convergence | |
650 | 4 | |a OT security | |
650 | 4 | |a risk management | |
650 | 4 | |a safety | |
653 | 0 | |a Electronics | |
653 | 0 | |a Industrial engineering. Management engineering | |
700 | 0 | |a Siegfried Hollerer |e verfasserin |4 aut | |
700 | 0 | |a Pushparaj Bhosale |e verfasserin |4 aut | |
700 | 0 | |a Thilo Sauter |e verfasserin |4 aut | |
700 | 0 | |a Wolfgang Kastner |e verfasserin |4 aut | |
700 | 0 | |a Joachim Fabini |e verfasserin |4 aut | |
700 | 0 | |a Tanja Zseby |e verfasserin |4 aut | |
773 | 0 | 8 | |i In |t IEEE Open Journal of the Industrial Electronics Society |d IEEE, 2020 |g 4(2023), Seite 287-303 |w (DE-627)1690051620 |w (DE-600)3008466-0 |x 26441284 |7 nnns |
773 | 1 | 8 | |g volume:4 |g year:2023 |g pages:287-303 |
856 | 4 | 0 | |u https://doi.org/10.1109/OJIES.2023.3297057 |z kostenfrei |
856 | 4 | 0 | |u https://doaj.org/article/083780e36b044a569708374923db9b7c |z kostenfrei |
856 | 4 | 0 | |u https://ieeexplore.ieee.org/document/10187675/ |z kostenfrei |
856 | 4 | 2 | |u https://doaj.org/toc/2644-1284 |y Journal toc |z kostenfrei |
912 | |a GBV_USEFLAG_A | ||
912 | |a SYSFLAG_A | ||
912 | |a GBV_DOAJ | ||
912 | |a GBV_ILN_20 | ||
912 | |a GBV_ILN_22 | ||
912 | |a GBV_ILN_23 | ||
912 | |a GBV_ILN_24 | ||
912 | |a GBV_ILN_31 | ||
912 | |a GBV_ILN_39 | ||
912 | |a GBV_ILN_40 | ||
912 | |a GBV_ILN_60 | ||
912 | |a GBV_ILN_62 | ||
912 | |a GBV_ILN_63 | ||
912 | |a GBV_ILN_65 | ||
912 | |a GBV_ILN_69 | ||
912 | |a GBV_ILN_70 | ||
912 | |a GBV_ILN_73 | ||
912 | |a GBV_ILN_95 | ||
912 | |a GBV_ILN_105 | ||
912 | |a GBV_ILN_110 | ||
912 | |a GBV_ILN_151 | ||
912 | |a GBV_ILN_161 | ||
912 | |a GBV_ILN_170 | ||
912 | |a GBV_ILN_213 | ||
912 | |a GBV_ILN_230 | ||
912 | |a GBV_ILN_285 | ||
912 | |a GBV_ILN_293 | ||
912 | |a GBV_ILN_370 | ||
912 | |a GBV_ILN_602 | ||
912 | |a GBV_ILN_2014 | ||
912 | |a GBV_ILN_4012 | ||
912 | |a GBV_ILN_4037 | ||
912 | |a GBV_ILN_4112 | ||
912 | |a GBV_ILN_4125 | ||
912 | |a GBV_ILN_4126 | ||
912 | |a GBV_ILN_4249 | ||
912 | |a GBV_ILN_4305 | ||
912 | |a GBV_ILN_4306 | ||
912 | |a GBV_ILN_4307 | ||
912 | |a GBV_ILN_4313 | ||
912 | |a GBV_ILN_4322 | ||
912 | |a GBV_ILN_4323 | ||
912 | |a GBV_ILN_4324 | ||
912 | |a GBV_ILN_4325 | ||
912 | |a GBV_ILN_4335 | ||
912 | |a GBV_ILN_4338 | ||
912 | |a GBV_ILN_4367 | ||
912 | |a GBV_ILN_4700 | ||
951 | |a AR | ||
952 | |d 4 |j 2023 |h 287-303 |
author_variant |
b b bb s h sh p b pb t s ts w k wk j f jf t z tz |
---|---|
matchkey_str |
article:26441284:2023----::etraehnorrsmngmnbsdnsftagetdewr |
hierarchy_sort_str |
2023 |
callnumber-subject-code |
TK |
publishDate |
2023 |
allfields |
10.1109/OJIES.2023.3297057 doi (DE-627)DOAJ096153423 (DE-599)DOAJ083780e36b044a569708374923db9b7c DE-627 ger DE-627 rakwb eng TK7800-8360 T55.4-60.8 Bernhard Brenner verfasserin aut Better Safe Than Sorry: Risk Management Based on a Safety-Augmented Network Intrusion Detection System 2023 Text txt rdacontent Computermedien c rdamedia Online-Ressource cr rdacarrier Interconnected industrial control system (ICS) networks based on routable protocols are susceptible to remote attacks similar to classical information technology (IT) networks. However, addressing ICS security in an isolated view is dangerous since ICSs have to ensure safety measures for people, processes, and the environment. The safety and security of ICSs are often addressed separately, without considering their important interrelation. Safety measures can violate security policies (e.g., an emergency stop function accessible by anyone); likewise, a security incident can violate safety policies (e.g., by increasing reaction time). In this article, we propose a network-based intrusion detection system with the interrelation between safety and security in mind. It detects security incidents while evaluating possible safety-related consequences of both the detected attack and possible countermeasures. We evaluate our approach with a Proof of Concept (PoC). The alerts generated by the PoC prototype serve as the basis for a risk management strategy proposed in this article. Our approach provides a basis for safety-aware intrusion detection in smart factories and other cyber-physical systems. Industrial control systems (ICSs) incident response information technology (IT) / operational technology (OT) convergence OT security risk management safety Electronics Industrial engineering. Management engineering Siegfried Hollerer verfasserin aut Pushparaj Bhosale verfasserin aut Thilo Sauter verfasserin aut Wolfgang Kastner verfasserin aut Joachim Fabini verfasserin aut Tanja Zseby verfasserin aut In IEEE Open Journal of the Industrial Electronics Society IEEE, 2020 4(2023), Seite 287-303 (DE-627)1690051620 (DE-600)3008466-0 26441284 nnns volume:4 year:2023 pages:287-303 https://doi.org/10.1109/OJIES.2023.3297057 kostenfrei https://doaj.org/article/083780e36b044a569708374923db9b7c kostenfrei https://ieeexplore.ieee.org/document/10187675/ kostenfrei https://doaj.org/toc/2644-1284 Journal toc kostenfrei GBV_USEFLAG_A SYSFLAG_A GBV_DOAJ GBV_ILN_20 GBV_ILN_22 GBV_ILN_23 GBV_ILN_24 GBV_ILN_31 GBV_ILN_39 GBV_ILN_40 GBV_ILN_60 GBV_ILN_62 GBV_ILN_63 GBV_ILN_65 GBV_ILN_69 GBV_ILN_70 GBV_ILN_73 GBV_ILN_95 GBV_ILN_105 GBV_ILN_110 GBV_ILN_151 GBV_ILN_161 GBV_ILN_170 GBV_ILN_213 GBV_ILN_230 GBV_ILN_285 GBV_ILN_293 GBV_ILN_370 GBV_ILN_602 GBV_ILN_2014 GBV_ILN_4012 GBV_ILN_4037 GBV_ILN_4112 GBV_ILN_4125 GBV_ILN_4126 GBV_ILN_4249 GBV_ILN_4305 GBV_ILN_4306 GBV_ILN_4307 GBV_ILN_4313 GBV_ILN_4322 GBV_ILN_4323 GBV_ILN_4324 GBV_ILN_4325 GBV_ILN_4335 GBV_ILN_4338 GBV_ILN_4367 GBV_ILN_4700 AR 4 2023 287-303 |
spelling |
10.1109/OJIES.2023.3297057 doi (DE-627)DOAJ096153423 (DE-599)DOAJ083780e36b044a569708374923db9b7c DE-627 ger DE-627 rakwb eng TK7800-8360 T55.4-60.8 Bernhard Brenner verfasserin aut Better Safe Than Sorry: Risk Management Based on a Safety-Augmented Network Intrusion Detection System 2023 Text txt rdacontent Computermedien c rdamedia Online-Ressource cr rdacarrier Interconnected industrial control system (ICS) networks based on routable protocols are susceptible to remote attacks similar to classical information technology (IT) networks. However, addressing ICS security in an isolated view is dangerous since ICSs have to ensure safety measures for people, processes, and the environment. The safety and security of ICSs are often addressed separately, without considering their important interrelation. Safety measures can violate security policies (e.g., an emergency stop function accessible by anyone); likewise, a security incident can violate safety policies (e.g., by increasing reaction time). In this article, we propose a network-based intrusion detection system with the interrelation between safety and security in mind. It detects security incidents while evaluating possible safety-related consequences of both the detected attack and possible countermeasures. We evaluate our approach with a Proof of Concept (PoC). The alerts generated by the PoC prototype serve as the basis for a risk management strategy proposed in this article. Our approach provides a basis for safety-aware intrusion detection in smart factories and other cyber-physical systems. Industrial control systems (ICSs) incident response information technology (IT) / operational technology (OT) convergence OT security risk management safety Electronics Industrial engineering. Management engineering Siegfried Hollerer verfasserin aut Pushparaj Bhosale verfasserin aut Thilo Sauter verfasserin aut Wolfgang Kastner verfasserin aut Joachim Fabini verfasserin aut Tanja Zseby verfasserin aut In IEEE Open Journal of the Industrial Electronics Society IEEE, 2020 4(2023), Seite 287-303 (DE-627)1690051620 (DE-600)3008466-0 26441284 nnns volume:4 year:2023 pages:287-303 https://doi.org/10.1109/OJIES.2023.3297057 kostenfrei https://doaj.org/article/083780e36b044a569708374923db9b7c kostenfrei https://ieeexplore.ieee.org/document/10187675/ kostenfrei https://doaj.org/toc/2644-1284 Journal toc kostenfrei GBV_USEFLAG_A SYSFLAG_A GBV_DOAJ GBV_ILN_20 GBV_ILN_22 GBV_ILN_23 GBV_ILN_24 GBV_ILN_31 GBV_ILN_39 GBV_ILN_40 GBV_ILN_60 GBV_ILN_62 GBV_ILN_63 GBV_ILN_65 GBV_ILN_69 GBV_ILN_70 GBV_ILN_73 GBV_ILN_95 GBV_ILN_105 GBV_ILN_110 GBV_ILN_151 GBV_ILN_161 GBV_ILN_170 GBV_ILN_213 GBV_ILN_230 GBV_ILN_285 GBV_ILN_293 GBV_ILN_370 GBV_ILN_602 GBV_ILN_2014 GBV_ILN_4012 GBV_ILN_4037 GBV_ILN_4112 GBV_ILN_4125 GBV_ILN_4126 GBV_ILN_4249 GBV_ILN_4305 GBV_ILN_4306 GBV_ILN_4307 GBV_ILN_4313 GBV_ILN_4322 GBV_ILN_4323 GBV_ILN_4324 GBV_ILN_4325 GBV_ILN_4335 GBV_ILN_4338 GBV_ILN_4367 GBV_ILN_4700 AR 4 2023 287-303 |
allfields_unstemmed |
10.1109/OJIES.2023.3297057 doi (DE-627)DOAJ096153423 (DE-599)DOAJ083780e36b044a569708374923db9b7c DE-627 ger DE-627 rakwb eng TK7800-8360 T55.4-60.8 Bernhard Brenner verfasserin aut Better Safe Than Sorry: Risk Management Based on a Safety-Augmented Network Intrusion Detection System 2023 Text txt rdacontent Computermedien c rdamedia Online-Ressource cr rdacarrier Interconnected industrial control system (ICS) networks based on routable protocols are susceptible to remote attacks similar to classical information technology (IT) networks. However, addressing ICS security in an isolated view is dangerous since ICSs have to ensure safety measures for people, processes, and the environment. The safety and security of ICSs are often addressed separately, without considering their important interrelation. Safety measures can violate security policies (e.g., an emergency stop function accessible by anyone); likewise, a security incident can violate safety policies (e.g., by increasing reaction time). In this article, we propose a network-based intrusion detection system with the interrelation between safety and security in mind. It detects security incidents while evaluating possible safety-related consequences of both the detected attack and possible countermeasures. We evaluate our approach with a Proof of Concept (PoC). The alerts generated by the PoC prototype serve as the basis for a risk management strategy proposed in this article. Our approach provides a basis for safety-aware intrusion detection in smart factories and other cyber-physical systems. Industrial control systems (ICSs) incident response information technology (IT) / operational technology (OT) convergence OT security risk management safety Electronics Industrial engineering. Management engineering Siegfried Hollerer verfasserin aut Pushparaj Bhosale verfasserin aut Thilo Sauter verfasserin aut Wolfgang Kastner verfasserin aut Joachim Fabini verfasserin aut Tanja Zseby verfasserin aut In IEEE Open Journal of the Industrial Electronics Society IEEE, 2020 4(2023), Seite 287-303 (DE-627)1690051620 (DE-600)3008466-0 26441284 nnns volume:4 year:2023 pages:287-303 https://doi.org/10.1109/OJIES.2023.3297057 kostenfrei https://doaj.org/article/083780e36b044a569708374923db9b7c kostenfrei https://ieeexplore.ieee.org/document/10187675/ kostenfrei https://doaj.org/toc/2644-1284 Journal toc kostenfrei GBV_USEFLAG_A SYSFLAG_A GBV_DOAJ GBV_ILN_20 GBV_ILN_22 GBV_ILN_23 GBV_ILN_24 GBV_ILN_31 GBV_ILN_39 GBV_ILN_40 GBV_ILN_60 GBV_ILN_62 GBV_ILN_63 GBV_ILN_65 GBV_ILN_69 GBV_ILN_70 GBV_ILN_73 GBV_ILN_95 GBV_ILN_105 GBV_ILN_110 GBV_ILN_151 GBV_ILN_161 GBV_ILN_170 GBV_ILN_213 GBV_ILN_230 GBV_ILN_285 GBV_ILN_293 GBV_ILN_370 GBV_ILN_602 GBV_ILN_2014 GBV_ILN_4012 GBV_ILN_4037 GBV_ILN_4112 GBV_ILN_4125 GBV_ILN_4126 GBV_ILN_4249 GBV_ILN_4305 GBV_ILN_4306 GBV_ILN_4307 GBV_ILN_4313 GBV_ILN_4322 GBV_ILN_4323 GBV_ILN_4324 GBV_ILN_4325 GBV_ILN_4335 GBV_ILN_4338 GBV_ILN_4367 GBV_ILN_4700 AR 4 2023 287-303 |
allfieldsGer |
10.1109/OJIES.2023.3297057 doi (DE-627)DOAJ096153423 (DE-599)DOAJ083780e36b044a569708374923db9b7c DE-627 ger DE-627 rakwb eng TK7800-8360 T55.4-60.8 Bernhard Brenner verfasserin aut Better Safe Than Sorry: Risk Management Based on a Safety-Augmented Network Intrusion Detection System 2023 Text txt rdacontent Computermedien c rdamedia Online-Ressource cr rdacarrier Interconnected industrial control system (ICS) networks based on routable protocols are susceptible to remote attacks similar to classical information technology (IT) networks. However, addressing ICS security in an isolated view is dangerous since ICSs have to ensure safety measures for people, processes, and the environment. The safety and security of ICSs are often addressed separately, without considering their important interrelation. Safety measures can violate security policies (e.g., an emergency stop function accessible by anyone); likewise, a security incident can violate safety policies (e.g., by increasing reaction time). In this article, we propose a network-based intrusion detection system with the interrelation between safety and security in mind. It detects security incidents while evaluating possible safety-related consequences of both the detected attack and possible countermeasures. We evaluate our approach with a Proof of Concept (PoC). The alerts generated by the PoC prototype serve as the basis for a risk management strategy proposed in this article. Our approach provides a basis for safety-aware intrusion detection in smart factories and other cyber-physical systems. Industrial control systems (ICSs) incident response information technology (IT) / operational technology (OT) convergence OT security risk management safety Electronics Industrial engineering. Management engineering Siegfried Hollerer verfasserin aut Pushparaj Bhosale verfasserin aut Thilo Sauter verfasserin aut Wolfgang Kastner verfasserin aut Joachim Fabini verfasserin aut Tanja Zseby verfasserin aut In IEEE Open Journal of the Industrial Electronics Society IEEE, 2020 4(2023), Seite 287-303 (DE-627)1690051620 (DE-600)3008466-0 26441284 nnns volume:4 year:2023 pages:287-303 https://doi.org/10.1109/OJIES.2023.3297057 kostenfrei https://doaj.org/article/083780e36b044a569708374923db9b7c kostenfrei https://ieeexplore.ieee.org/document/10187675/ kostenfrei https://doaj.org/toc/2644-1284 Journal toc kostenfrei GBV_USEFLAG_A SYSFLAG_A GBV_DOAJ GBV_ILN_20 GBV_ILN_22 GBV_ILN_23 GBV_ILN_24 GBV_ILN_31 GBV_ILN_39 GBV_ILN_40 GBV_ILN_60 GBV_ILN_62 GBV_ILN_63 GBV_ILN_65 GBV_ILN_69 GBV_ILN_70 GBV_ILN_73 GBV_ILN_95 GBV_ILN_105 GBV_ILN_110 GBV_ILN_151 GBV_ILN_161 GBV_ILN_170 GBV_ILN_213 GBV_ILN_230 GBV_ILN_285 GBV_ILN_293 GBV_ILN_370 GBV_ILN_602 GBV_ILN_2014 GBV_ILN_4012 GBV_ILN_4037 GBV_ILN_4112 GBV_ILN_4125 GBV_ILN_4126 GBV_ILN_4249 GBV_ILN_4305 GBV_ILN_4306 GBV_ILN_4307 GBV_ILN_4313 GBV_ILN_4322 GBV_ILN_4323 GBV_ILN_4324 GBV_ILN_4325 GBV_ILN_4335 GBV_ILN_4338 GBV_ILN_4367 GBV_ILN_4700 AR 4 2023 287-303 |
allfieldsSound |
10.1109/OJIES.2023.3297057 doi (DE-627)DOAJ096153423 (DE-599)DOAJ083780e36b044a569708374923db9b7c DE-627 ger DE-627 rakwb eng TK7800-8360 T55.4-60.8 Bernhard Brenner verfasserin aut Better Safe Than Sorry: Risk Management Based on a Safety-Augmented Network Intrusion Detection System 2023 Text txt rdacontent Computermedien c rdamedia Online-Ressource cr rdacarrier Interconnected industrial control system (ICS) networks based on routable protocols are susceptible to remote attacks similar to classical information technology (IT) networks. However, addressing ICS security in an isolated view is dangerous since ICSs have to ensure safety measures for people, processes, and the environment. The safety and security of ICSs are often addressed separately, without considering their important interrelation. Safety measures can violate security policies (e.g., an emergency stop function accessible by anyone); likewise, a security incident can violate safety policies (e.g., by increasing reaction time). In this article, we propose a network-based intrusion detection system with the interrelation between safety and security in mind. It detects security incidents while evaluating possible safety-related consequences of both the detected attack and possible countermeasures. We evaluate our approach with a Proof of Concept (PoC). The alerts generated by the PoC prototype serve as the basis for a risk management strategy proposed in this article. Our approach provides a basis for safety-aware intrusion detection in smart factories and other cyber-physical systems. Industrial control systems (ICSs) incident response information technology (IT) / operational technology (OT) convergence OT security risk management safety Electronics Industrial engineering. Management engineering Siegfried Hollerer verfasserin aut Pushparaj Bhosale verfasserin aut Thilo Sauter verfasserin aut Wolfgang Kastner verfasserin aut Joachim Fabini verfasserin aut Tanja Zseby verfasserin aut In IEEE Open Journal of the Industrial Electronics Society IEEE, 2020 4(2023), Seite 287-303 (DE-627)1690051620 (DE-600)3008466-0 26441284 nnns volume:4 year:2023 pages:287-303 https://doi.org/10.1109/OJIES.2023.3297057 kostenfrei https://doaj.org/article/083780e36b044a569708374923db9b7c kostenfrei https://ieeexplore.ieee.org/document/10187675/ kostenfrei https://doaj.org/toc/2644-1284 Journal toc kostenfrei GBV_USEFLAG_A SYSFLAG_A GBV_DOAJ GBV_ILN_20 GBV_ILN_22 GBV_ILN_23 GBV_ILN_24 GBV_ILN_31 GBV_ILN_39 GBV_ILN_40 GBV_ILN_60 GBV_ILN_62 GBV_ILN_63 GBV_ILN_65 GBV_ILN_69 GBV_ILN_70 GBV_ILN_73 GBV_ILN_95 GBV_ILN_105 GBV_ILN_110 GBV_ILN_151 GBV_ILN_161 GBV_ILN_170 GBV_ILN_213 GBV_ILN_230 GBV_ILN_285 GBV_ILN_293 GBV_ILN_370 GBV_ILN_602 GBV_ILN_2014 GBV_ILN_4012 GBV_ILN_4037 GBV_ILN_4112 GBV_ILN_4125 GBV_ILN_4126 GBV_ILN_4249 GBV_ILN_4305 GBV_ILN_4306 GBV_ILN_4307 GBV_ILN_4313 GBV_ILN_4322 GBV_ILN_4323 GBV_ILN_4324 GBV_ILN_4325 GBV_ILN_4335 GBV_ILN_4338 GBV_ILN_4367 GBV_ILN_4700 AR 4 2023 287-303 |
language |
English |
source |
In IEEE Open Journal of the Industrial Electronics Society 4(2023), Seite 287-303 volume:4 year:2023 pages:287-303 |
sourceStr |
In IEEE Open Journal of the Industrial Electronics Society 4(2023), Seite 287-303 volume:4 year:2023 pages:287-303 |
format_phy_str_mv |
Article |
institution |
findex.gbv.de |
topic_facet |
Industrial control systems (ICSs) incident response information technology (IT) / operational technology (OT) convergence OT security risk management safety Electronics Industrial engineering. Management engineering |
isfreeaccess_bool |
true |
container_title |
IEEE Open Journal of the Industrial Electronics Society |
authorswithroles_txt_mv |
Bernhard Brenner @@aut@@ Siegfried Hollerer @@aut@@ Pushparaj Bhosale @@aut@@ Thilo Sauter @@aut@@ Wolfgang Kastner @@aut@@ Joachim Fabini @@aut@@ Tanja Zseby @@aut@@ |
publishDateDaySort_date |
2023-01-01T00:00:00Z |
hierarchy_top_id |
1690051620 |
id |
DOAJ096153423 |
language_de |
englisch |
fullrecord |
<?xml version="1.0" encoding="UTF-8"?><collection xmlns="http://www.loc.gov/MARC21/slim"><record><leader>01000naa a22002652 4500</leader><controlfield tag="001">DOAJ096153423</controlfield><controlfield tag="003">DE-627</controlfield><controlfield tag="005">20240413143012.0</controlfield><controlfield tag="007">cr uuu---uuuuu</controlfield><controlfield tag="008">240413s2023 xx |||||o 00| ||eng c</controlfield><datafield tag="024" ind1="7" ind2=" "><subfield code="a">10.1109/OJIES.2023.3297057</subfield><subfield code="2">doi</subfield></datafield><datafield tag="035" ind1=" " ind2=" "><subfield code="a">(DE-627)DOAJ096153423</subfield></datafield><datafield tag="035" ind1=" " ind2=" "><subfield code="a">(DE-599)DOAJ083780e36b044a569708374923db9b7c</subfield></datafield><datafield tag="040" ind1=" " ind2=" "><subfield code="a">DE-627</subfield><subfield code="b">ger</subfield><subfield code="c">DE-627</subfield><subfield code="e">rakwb</subfield></datafield><datafield tag="041" ind1=" " ind2=" "><subfield code="a">eng</subfield></datafield><datafield tag="050" ind1=" " ind2="0"><subfield code="a">TK7800-8360</subfield></datafield><datafield tag="050" ind1=" " ind2="0"><subfield code="a">T55.4-60.8</subfield></datafield><datafield tag="100" ind1="0" ind2=" "><subfield code="a">Bernhard Brenner</subfield><subfield code="e">verfasserin</subfield><subfield code="4">aut</subfield></datafield><datafield tag="245" ind1="1" ind2="0"><subfield code="a">Better Safe Than Sorry: Risk Management Based on a Safety-Augmented Network Intrusion Detection System</subfield></datafield><datafield tag="264" ind1=" " ind2="1"><subfield code="c">2023</subfield></datafield><datafield tag="336" ind1=" " ind2=" "><subfield code="a">Text</subfield><subfield code="b">txt</subfield><subfield code="2">rdacontent</subfield></datafield><datafield tag="337" ind1=" " ind2=" "><subfield code="a">Computermedien</subfield><subfield code="b">c</subfield><subfield code="2">rdamedia</subfield></datafield><datafield tag="338" ind1=" " ind2=" "><subfield code="a">Online-Ressource</subfield><subfield code="b">cr</subfield><subfield code="2">rdacarrier</subfield></datafield><datafield tag="520" ind1=" " ind2=" "><subfield code="a">Interconnected industrial control system (ICS) networks based on routable protocols are susceptible to remote attacks similar to classical information technology (IT) networks. However, addressing ICS security in an isolated view is dangerous since ICSs have to ensure safety measures for people, processes, and the environment. The safety and security of ICSs are often addressed separately, without considering their important interrelation. Safety measures can violate security policies (e.g., an emergency stop function accessible by anyone); likewise, a security incident can violate safety policies (e.g., by increasing reaction time). In this article, we propose a network-based intrusion detection system with the interrelation between safety and security in mind. It detects security incidents while evaluating possible safety-related consequences of both the detected attack and possible countermeasures. We evaluate our approach with a Proof of Concept (PoC). The alerts generated by the PoC prototype serve as the basis for a risk management strategy proposed in this article. Our approach provides a basis for safety-aware intrusion detection in smart factories and other cyber-physical systems.</subfield></datafield><datafield tag="650" ind1=" " ind2="4"><subfield code="a">Industrial control systems (ICSs)</subfield></datafield><datafield tag="650" ind1=" " ind2="4"><subfield code="a">incident response</subfield></datafield><datafield tag="650" ind1=" " ind2="4"><subfield code="a">information technology (IT) / operational technology (OT) convergence</subfield></datafield><datafield tag="650" ind1=" " ind2="4"><subfield code="a">OT security</subfield></datafield><datafield tag="650" ind1=" " ind2="4"><subfield code="a">risk management</subfield></datafield><datafield tag="650" ind1=" " ind2="4"><subfield code="a">safety</subfield></datafield><datafield tag="653" ind1=" " ind2="0"><subfield code="a">Electronics</subfield></datafield><datafield tag="653" ind1=" " ind2="0"><subfield code="a">Industrial engineering. Management engineering</subfield></datafield><datafield tag="700" ind1="0" ind2=" "><subfield code="a">Siegfried Hollerer</subfield><subfield code="e">verfasserin</subfield><subfield code="4">aut</subfield></datafield><datafield tag="700" ind1="0" ind2=" "><subfield code="a">Pushparaj Bhosale</subfield><subfield code="e">verfasserin</subfield><subfield code="4">aut</subfield></datafield><datafield tag="700" ind1="0" ind2=" "><subfield code="a">Thilo Sauter</subfield><subfield code="e">verfasserin</subfield><subfield code="4">aut</subfield></datafield><datafield tag="700" ind1="0" ind2=" "><subfield code="a">Wolfgang Kastner</subfield><subfield code="e">verfasserin</subfield><subfield code="4">aut</subfield></datafield><datafield tag="700" ind1="0" ind2=" "><subfield code="a">Joachim Fabini</subfield><subfield code="e">verfasserin</subfield><subfield code="4">aut</subfield></datafield><datafield tag="700" ind1="0" ind2=" "><subfield code="a">Tanja Zseby</subfield><subfield code="e">verfasserin</subfield><subfield code="4">aut</subfield></datafield><datafield tag="773" ind1="0" ind2="8"><subfield code="i">In</subfield><subfield code="t">IEEE Open Journal of the Industrial Electronics Society</subfield><subfield code="d">IEEE, 2020</subfield><subfield code="g">4(2023), Seite 287-303</subfield><subfield code="w">(DE-627)1690051620</subfield><subfield code="w">(DE-600)3008466-0</subfield><subfield code="x">26441284</subfield><subfield code="7">nnns</subfield></datafield><datafield tag="773" ind1="1" ind2="8"><subfield code="g">volume:4</subfield><subfield code="g">year:2023</subfield><subfield code="g">pages:287-303</subfield></datafield><datafield tag="856" ind1="4" ind2="0"><subfield code="u">https://doi.org/10.1109/OJIES.2023.3297057</subfield><subfield code="z">kostenfrei</subfield></datafield><datafield tag="856" ind1="4" ind2="0"><subfield code="u">https://doaj.org/article/083780e36b044a569708374923db9b7c</subfield><subfield code="z">kostenfrei</subfield></datafield><datafield tag="856" ind1="4" ind2="0"><subfield code="u">https://ieeexplore.ieee.org/document/10187675/</subfield><subfield code="z">kostenfrei</subfield></datafield><datafield tag="856" ind1="4" ind2="2"><subfield code="u">https://doaj.org/toc/2644-1284</subfield><subfield code="y">Journal toc</subfield><subfield code="z">kostenfrei</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">GBV_USEFLAG_A</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">SYSFLAG_A</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">GBV_DOAJ</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">GBV_ILN_20</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">GBV_ILN_22</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">GBV_ILN_23</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">GBV_ILN_24</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">GBV_ILN_31</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">GBV_ILN_39</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">GBV_ILN_40</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">GBV_ILN_60</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">GBV_ILN_62</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">GBV_ILN_63</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">GBV_ILN_65</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">GBV_ILN_69</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">GBV_ILN_70</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">GBV_ILN_73</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">GBV_ILN_95</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">GBV_ILN_105</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">GBV_ILN_110</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">GBV_ILN_151</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">GBV_ILN_161</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">GBV_ILN_170</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">GBV_ILN_213</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">GBV_ILN_230</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">GBV_ILN_285</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">GBV_ILN_293</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">GBV_ILN_370</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">GBV_ILN_602</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">GBV_ILN_2014</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">GBV_ILN_4012</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">GBV_ILN_4037</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">GBV_ILN_4112</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">GBV_ILN_4125</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">GBV_ILN_4126</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">GBV_ILN_4249</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">GBV_ILN_4305</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">GBV_ILN_4306</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">GBV_ILN_4307</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">GBV_ILN_4313</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">GBV_ILN_4322</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">GBV_ILN_4323</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">GBV_ILN_4324</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">GBV_ILN_4325</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">GBV_ILN_4335</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">GBV_ILN_4338</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">GBV_ILN_4367</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">GBV_ILN_4700</subfield></datafield><datafield tag="951" ind1=" " ind2=" "><subfield code="a">AR</subfield></datafield><datafield tag="952" ind1=" " ind2=" "><subfield code="d">4</subfield><subfield code="j">2023</subfield><subfield code="h">287-303</subfield></datafield></record></collection>
|
callnumber-first |
T - Technology |
author |
Bernhard Brenner |
spellingShingle |
Bernhard Brenner misc TK7800-8360 misc T55.4-60.8 misc Industrial control systems (ICSs) misc incident response misc information technology (IT) / operational technology (OT) convergence misc OT security misc risk management misc safety misc Electronics misc Industrial engineering. Management engineering Better Safe Than Sorry: Risk Management Based on a Safety-Augmented Network Intrusion Detection System |
authorStr |
Bernhard Brenner |
ppnlink_with_tag_str_mv |
@@773@@(DE-627)1690051620 |
format |
electronic Article |
delete_txt_mv |
keep |
author_role |
aut aut aut aut aut aut aut |
collection |
DOAJ |
remote_str |
true |
callnumber-label |
TK7800-8360 |
illustrated |
Not Illustrated |
issn |
26441284 |
topic_title |
TK7800-8360 T55.4-60.8 Better Safe Than Sorry: Risk Management Based on a Safety-Augmented Network Intrusion Detection System Industrial control systems (ICSs) incident response information technology (IT) / operational technology (OT) convergence OT security risk management safety |
topic |
misc TK7800-8360 misc T55.4-60.8 misc Industrial control systems (ICSs) misc incident response misc information technology (IT) / operational technology (OT) convergence misc OT security misc risk management misc safety misc Electronics misc Industrial engineering. Management engineering |
topic_unstemmed |
misc TK7800-8360 misc T55.4-60.8 misc Industrial control systems (ICSs) misc incident response misc information technology (IT) / operational technology (OT) convergence misc OT security misc risk management misc safety misc Electronics misc Industrial engineering. Management engineering |
topic_browse |
misc TK7800-8360 misc T55.4-60.8 misc Industrial control systems (ICSs) misc incident response misc information technology (IT) / operational technology (OT) convergence misc OT security misc risk management misc safety misc Electronics misc Industrial engineering. Management engineering |
format_facet |
Elektronische Aufsätze Aufsätze Elektronische Ressource |
format_main_str_mv |
Text Zeitschrift/Artikel |
carriertype_str_mv |
cr |
hierarchy_parent_title |
IEEE Open Journal of the Industrial Electronics Society |
hierarchy_parent_id |
1690051620 |
hierarchy_top_title |
IEEE Open Journal of the Industrial Electronics Society |
isfreeaccess_txt |
true |
familylinks_str_mv |
(DE-627)1690051620 (DE-600)3008466-0 |
title |
Better Safe Than Sorry: Risk Management Based on a Safety-Augmented Network Intrusion Detection System |
ctrlnum |
(DE-627)DOAJ096153423 (DE-599)DOAJ083780e36b044a569708374923db9b7c |
title_full |
Better Safe Than Sorry: Risk Management Based on a Safety-Augmented Network Intrusion Detection System |
author_sort |
Bernhard Brenner |
journal |
IEEE Open Journal of the Industrial Electronics Society |
journalStr |
IEEE Open Journal of the Industrial Electronics Society |
callnumber-first-code |
T |
lang_code |
eng |
isOA_bool |
true |
recordtype |
marc |
publishDateSort |
2023 |
contenttype_str_mv |
txt |
container_start_page |
287 |
author_browse |
Bernhard Brenner Siegfried Hollerer Pushparaj Bhosale Thilo Sauter Wolfgang Kastner Joachim Fabini Tanja Zseby |
container_volume |
4 |
class |
TK7800-8360 T55.4-60.8 |
format_se |
Elektronische Aufsätze |
author-letter |
Bernhard Brenner |
doi_str_mv |
10.1109/OJIES.2023.3297057 |
author2-role |
verfasserin |
title_sort |
better safe than sorry: risk management based on a safety-augmented network intrusion detection system |
callnumber |
TK7800-8360 |
title_auth |
Better Safe Than Sorry: Risk Management Based on a Safety-Augmented Network Intrusion Detection System |
abstract |
Interconnected industrial control system (ICS) networks based on routable protocols are susceptible to remote attacks similar to classical information technology (IT) networks. However, addressing ICS security in an isolated view is dangerous since ICSs have to ensure safety measures for people, processes, and the environment. The safety and security of ICSs are often addressed separately, without considering their important interrelation. Safety measures can violate security policies (e.g., an emergency stop function accessible by anyone); likewise, a security incident can violate safety policies (e.g., by increasing reaction time). In this article, we propose a network-based intrusion detection system with the interrelation between safety and security in mind. It detects security incidents while evaluating possible safety-related consequences of both the detected attack and possible countermeasures. We evaluate our approach with a Proof of Concept (PoC). The alerts generated by the PoC prototype serve as the basis for a risk management strategy proposed in this article. Our approach provides a basis for safety-aware intrusion detection in smart factories and other cyber-physical systems. |
abstractGer |
Interconnected industrial control system (ICS) networks based on routable protocols are susceptible to remote attacks similar to classical information technology (IT) networks. However, addressing ICS security in an isolated view is dangerous since ICSs have to ensure safety measures for people, processes, and the environment. The safety and security of ICSs are often addressed separately, without considering their important interrelation. Safety measures can violate security policies (e.g., an emergency stop function accessible by anyone); likewise, a security incident can violate safety policies (e.g., by increasing reaction time). In this article, we propose a network-based intrusion detection system with the interrelation between safety and security in mind. It detects security incidents while evaluating possible safety-related consequences of both the detected attack and possible countermeasures. We evaluate our approach with a Proof of Concept (PoC). The alerts generated by the PoC prototype serve as the basis for a risk management strategy proposed in this article. Our approach provides a basis for safety-aware intrusion detection in smart factories and other cyber-physical systems. |
abstract_unstemmed |
Interconnected industrial control system (ICS) networks based on routable protocols are susceptible to remote attacks similar to classical information technology (IT) networks. However, addressing ICS security in an isolated view is dangerous since ICSs have to ensure safety measures for people, processes, and the environment. The safety and security of ICSs are often addressed separately, without considering their important interrelation. Safety measures can violate security policies (e.g., an emergency stop function accessible by anyone); likewise, a security incident can violate safety policies (e.g., by increasing reaction time). In this article, we propose a network-based intrusion detection system with the interrelation between safety and security in mind. It detects security incidents while evaluating possible safety-related consequences of both the detected attack and possible countermeasures. We evaluate our approach with a Proof of Concept (PoC). The alerts generated by the PoC prototype serve as the basis for a risk management strategy proposed in this article. Our approach provides a basis for safety-aware intrusion detection in smart factories and other cyber-physical systems. |
collection_details |
GBV_USEFLAG_A SYSFLAG_A GBV_DOAJ GBV_ILN_20 GBV_ILN_22 GBV_ILN_23 GBV_ILN_24 GBV_ILN_31 GBV_ILN_39 GBV_ILN_40 GBV_ILN_60 GBV_ILN_62 GBV_ILN_63 GBV_ILN_65 GBV_ILN_69 GBV_ILN_70 GBV_ILN_73 GBV_ILN_95 GBV_ILN_105 GBV_ILN_110 GBV_ILN_151 GBV_ILN_161 GBV_ILN_170 GBV_ILN_213 GBV_ILN_230 GBV_ILN_285 GBV_ILN_293 GBV_ILN_370 GBV_ILN_602 GBV_ILN_2014 GBV_ILN_4012 GBV_ILN_4037 GBV_ILN_4112 GBV_ILN_4125 GBV_ILN_4126 GBV_ILN_4249 GBV_ILN_4305 GBV_ILN_4306 GBV_ILN_4307 GBV_ILN_4313 GBV_ILN_4322 GBV_ILN_4323 GBV_ILN_4324 GBV_ILN_4325 GBV_ILN_4335 GBV_ILN_4338 GBV_ILN_4367 GBV_ILN_4700 |
title_short |
Better Safe Than Sorry: Risk Management Based on a Safety-Augmented Network Intrusion Detection System |
url |
https://doi.org/10.1109/OJIES.2023.3297057 https://doaj.org/article/083780e36b044a569708374923db9b7c https://ieeexplore.ieee.org/document/10187675/ https://doaj.org/toc/2644-1284 |
remote_bool |
true |
author2 |
Siegfried Hollerer Pushparaj Bhosale Thilo Sauter Wolfgang Kastner Joachim Fabini Tanja Zseby |
author2Str |
Siegfried Hollerer Pushparaj Bhosale Thilo Sauter Wolfgang Kastner Joachim Fabini Tanja Zseby |
ppnlink |
1690051620 |
callnumber-subject |
TK - Electrical and Nuclear Engineering |
mediatype_str_mv |
c |
isOA_txt |
true |
hochschulschrift_bool |
false |
doi_str |
10.1109/OJIES.2023.3297057 |
callnumber-a |
TK7800-8360 |
up_date |
2024-07-03T18:33:49.502Z |
_version_ |
1803583885947174912 |
fullrecord_marcxml |
<?xml version="1.0" encoding="UTF-8"?><collection xmlns="http://www.loc.gov/MARC21/slim"><record><leader>01000naa a22002652 4500</leader><controlfield tag="001">DOAJ096153423</controlfield><controlfield tag="003">DE-627</controlfield><controlfield tag="005">20240413143012.0</controlfield><controlfield tag="007">cr uuu---uuuuu</controlfield><controlfield tag="008">240413s2023 xx |||||o 00| ||eng c</controlfield><datafield tag="024" ind1="7" ind2=" "><subfield code="a">10.1109/OJIES.2023.3297057</subfield><subfield code="2">doi</subfield></datafield><datafield tag="035" ind1=" " ind2=" "><subfield code="a">(DE-627)DOAJ096153423</subfield></datafield><datafield tag="035" ind1=" " ind2=" "><subfield code="a">(DE-599)DOAJ083780e36b044a569708374923db9b7c</subfield></datafield><datafield tag="040" ind1=" " ind2=" "><subfield code="a">DE-627</subfield><subfield code="b">ger</subfield><subfield code="c">DE-627</subfield><subfield code="e">rakwb</subfield></datafield><datafield tag="041" ind1=" " ind2=" "><subfield code="a">eng</subfield></datafield><datafield tag="050" ind1=" " ind2="0"><subfield code="a">TK7800-8360</subfield></datafield><datafield tag="050" ind1=" " ind2="0"><subfield code="a">T55.4-60.8</subfield></datafield><datafield tag="100" ind1="0" ind2=" "><subfield code="a">Bernhard Brenner</subfield><subfield code="e">verfasserin</subfield><subfield code="4">aut</subfield></datafield><datafield tag="245" ind1="1" ind2="0"><subfield code="a">Better Safe Than Sorry: Risk Management Based on a Safety-Augmented Network Intrusion Detection System</subfield></datafield><datafield tag="264" ind1=" " ind2="1"><subfield code="c">2023</subfield></datafield><datafield tag="336" ind1=" " ind2=" "><subfield code="a">Text</subfield><subfield code="b">txt</subfield><subfield code="2">rdacontent</subfield></datafield><datafield tag="337" ind1=" " ind2=" "><subfield code="a">Computermedien</subfield><subfield code="b">c</subfield><subfield code="2">rdamedia</subfield></datafield><datafield tag="338" ind1=" " ind2=" "><subfield code="a">Online-Ressource</subfield><subfield code="b">cr</subfield><subfield code="2">rdacarrier</subfield></datafield><datafield tag="520" ind1=" " ind2=" "><subfield code="a">Interconnected industrial control system (ICS) networks based on routable protocols are susceptible to remote attacks similar to classical information technology (IT) networks. However, addressing ICS security in an isolated view is dangerous since ICSs have to ensure safety measures for people, processes, and the environment. The safety and security of ICSs are often addressed separately, without considering their important interrelation. Safety measures can violate security policies (e.g., an emergency stop function accessible by anyone); likewise, a security incident can violate safety policies (e.g., by increasing reaction time). In this article, we propose a network-based intrusion detection system with the interrelation between safety and security in mind. It detects security incidents while evaluating possible safety-related consequences of both the detected attack and possible countermeasures. We evaluate our approach with a Proof of Concept (PoC). The alerts generated by the PoC prototype serve as the basis for a risk management strategy proposed in this article. Our approach provides a basis for safety-aware intrusion detection in smart factories and other cyber-physical systems.</subfield></datafield><datafield tag="650" ind1=" " ind2="4"><subfield code="a">Industrial control systems (ICSs)</subfield></datafield><datafield tag="650" ind1=" " ind2="4"><subfield code="a">incident response</subfield></datafield><datafield tag="650" ind1=" " ind2="4"><subfield code="a">information technology (IT) / operational technology (OT) convergence</subfield></datafield><datafield tag="650" ind1=" " ind2="4"><subfield code="a">OT security</subfield></datafield><datafield tag="650" ind1=" " ind2="4"><subfield code="a">risk management</subfield></datafield><datafield tag="650" ind1=" " ind2="4"><subfield code="a">safety</subfield></datafield><datafield tag="653" ind1=" " ind2="0"><subfield code="a">Electronics</subfield></datafield><datafield tag="653" ind1=" " ind2="0"><subfield code="a">Industrial engineering. Management engineering</subfield></datafield><datafield tag="700" ind1="0" ind2=" "><subfield code="a">Siegfried Hollerer</subfield><subfield code="e">verfasserin</subfield><subfield code="4">aut</subfield></datafield><datafield tag="700" ind1="0" ind2=" "><subfield code="a">Pushparaj Bhosale</subfield><subfield code="e">verfasserin</subfield><subfield code="4">aut</subfield></datafield><datafield tag="700" ind1="0" ind2=" "><subfield code="a">Thilo Sauter</subfield><subfield code="e">verfasserin</subfield><subfield code="4">aut</subfield></datafield><datafield tag="700" ind1="0" ind2=" "><subfield code="a">Wolfgang Kastner</subfield><subfield code="e">verfasserin</subfield><subfield code="4">aut</subfield></datafield><datafield tag="700" ind1="0" ind2=" "><subfield code="a">Joachim Fabini</subfield><subfield code="e">verfasserin</subfield><subfield code="4">aut</subfield></datafield><datafield tag="700" ind1="0" ind2=" "><subfield code="a">Tanja Zseby</subfield><subfield code="e">verfasserin</subfield><subfield code="4">aut</subfield></datafield><datafield tag="773" ind1="0" ind2="8"><subfield code="i">In</subfield><subfield code="t">IEEE Open Journal of the Industrial Electronics Society</subfield><subfield code="d">IEEE, 2020</subfield><subfield code="g">4(2023), Seite 287-303</subfield><subfield code="w">(DE-627)1690051620</subfield><subfield code="w">(DE-600)3008466-0</subfield><subfield code="x">26441284</subfield><subfield code="7">nnns</subfield></datafield><datafield tag="773" ind1="1" ind2="8"><subfield code="g">volume:4</subfield><subfield code="g">year:2023</subfield><subfield code="g">pages:287-303</subfield></datafield><datafield tag="856" ind1="4" ind2="0"><subfield code="u">https://doi.org/10.1109/OJIES.2023.3297057</subfield><subfield code="z">kostenfrei</subfield></datafield><datafield tag="856" ind1="4" ind2="0"><subfield code="u">https://doaj.org/article/083780e36b044a569708374923db9b7c</subfield><subfield code="z">kostenfrei</subfield></datafield><datafield tag="856" ind1="4" ind2="0"><subfield code="u">https://ieeexplore.ieee.org/document/10187675/</subfield><subfield code="z">kostenfrei</subfield></datafield><datafield tag="856" ind1="4" ind2="2"><subfield code="u">https://doaj.org/toc/2644-1284</subfield><subfield code="y">Journal toc</subfield><subfield code="z">kostenfrei</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">GBV_USEFLAG_A</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">SYSFLAG_A</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">GBV_DOAJ</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">GBV_ILN_20</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">GBV_ILN_22</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">GBV_ILN_23</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">GBV_ILN_24</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">GBV_ILN_31</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">GBV_ILN_39</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">GBV_ILN_40</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">GBV_ILN_60</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">GBV_ILN_62</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">GBV_ILN_63</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">GBV_ILN_65</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">GBV_ILN_69</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">GBV_ILN_70</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">GBV_ILN_73</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">GBV_ILN_95</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">GBV_ILN_105</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">GBV_ILN_110</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">GBV_ILN_151</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">GBV_ILN_161</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">GBV_ILN_170</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">GBV_ILN_213</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">GBV_ILN_230</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">GBV_ILN_285</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">GBV_ILN_293</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">GBV_ILN_370</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">GBV_ILN_602</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">GBV_ILN_2014</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">GBV_ILN_4012</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">GBV_ILN_4037</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">GBV_ILN_4112</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">GBV_ILN_4125</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">GBV_ILN_4126</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">GBV_ILN_4249</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">GBV_ILN_4305</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">GBV_ILN_4306</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">GBV_ILN_4307</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">GBV_ILN_4313</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">GBV_ILN_4322</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">GBV_ILN_4323</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">GBV_ILN_4324</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">GBV_ILN_4325</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">GBV_ILN_4335</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">GBV_ILN_4338</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">GBV_ILN_4367</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">GBV_ILN_4700</subfield></datafield><datafield tag="951" ind1=" " ind2=" "><subfield code="a">AR</subfield></datafield><datafield tag="952" ind1=" " ind2=" "><subfield code="d">4</subfield><subfield code="j">2023</subfield><subfield code="h">287-303</subfield></datafield></record></collection>
|
score |
7.399802 |