Attack Resilient Cloud-based Industrial Control Systems

Abstract: Industrial control systems (ICSs) are a significant part of industry and they play an important role in monitoring and controlling industrial processes. Traditionally, ICSs have been isolated from the Internet, and thereby secured from various Internet-based security threats. In recent years, since the cloud can provide huge advantages regarding storage and computing resources, industry has been motivated to move industrial control systems to the cloud. However, when ICSs are moved to the cloud, they are inevitably exposed to increasing security threats, which can lead to severe degradation of the system performance or system failures. Moving control systems to the cloud can enable attackers to infiltrate the system and establish an attack that can lead to damages and disruptions with potentially catastrophic consequences. Therefore, some security measures are necessary to detect these attacks in a timely manner and mitigate the impact of them. In the work presented in this thesis, we mainly explore the security challenges of cloud-based industrial control systems and we propose a security framework for these systems that can make them resilient against attacks. Our proposed framework includes attack detection methods that can detect attacks in a timely manner. Also, the framework includes mitigation methods that can mitigate the impact of the attack on the system when an attack has been detected. So, by using this framework, an industrial plant can be maintained operational with an acceptable performance during an attack. Our solutions are validated on a real testbed, where the capabilities are evaluated by subjecting the system to a set of attacks.