Conference paper

RYŠAVÝ Ondřej, RÁB Jaroslav and ŠVÉDA Miroslav. Improving security in SCADA systems through firewall policy analysis. In: Proceedings of the Federated Conference on Computer Science and Information Systems. Krakow: IEEE Computer Society, 2013, pp. 1435-1440. ISBN 978-1-4673-4471-5.
Publication language:english
Original title:Improving security in SCADA systems through firewall policy analysis
Title (cs):Zvýšení bezpečnosti SCADA systémů pomocí analýzy filtrovacích pravidel firewalů
Pages:1435-1440
Proceedings:Proceedings of the Federated Conference on Computer Science and Information Systems
Conference:FedCSIS 2013 International Workshop on Cyber-Physical Systems
Place:Krakow, PL
Year:2013
ISBN:978-1-4673-4471-5
Publisher:IEEE Computer Society
Files: 
+Type Name Title Size Last modified
icon06644205.pdf213 KB2013-11-19 09:13:14
icon43.pdf213 KB2013-09-24 10:18:51
^ Select all
With selected:
Keywords
SCADA, network firewalls, network security, network policy, SAT/SMT, firewall rule based analysis
Annotation

Many of modern SCADA networks are connected to both the company's enterprise network and the Internet. Because these industrial systems often control critical processes the cyber- security requirements become a priority for their design.

This paper deals with network communication security in SCADA environment implemented by firewall devices. We proposed a method for verification of firewall configurations against security policy to detect and reveal potential holes in implemented rule sets. We present a straightforward verification method based on representation of a firewall configuration as a set of logical formulas suitable for automated analysis using SAT tools. We demonstrate how such configuration can be analyzed for security policy violation that can be inferred from security policy specification of an industrial automation system. 

BibTeX:
@INPROCEEDINGS{
   author = {Ond{\v{r}}ej Ry{\v{s}}av{\'{y}} and Jaroslav R{\'{a}}b and
	Miroslav {\v{S}}v{\'{e}}da},
   title = {Improving security in SCADA systems through firewall policy
	analysis},
   pages = {1435--1440},
   booktitle = {Proceedings of the Federated Conference on Computer Science
	and Information Systems},
   year = {2013},
   location = {Krakow, PL},
   publisher = {IEEE Computer Society},
   ISBN = {978-1-4673-4471-5},
   language = {english},
   url = {http://www.fit.vutbr.cz/research/view_pub.php?id=10382}
}

Your IPv4 address: 54.198.52.8
Switch to IPv6 connection

DNSSEC [dnssec]