Improving security in SCADA systems through firewall policy analysis
The result's identifiers
Result code in IS VaVaI
<a href="https://www.isvavai.cz/riv?ss=detail&h=RIV%2F00216305%3A26230%2F13%3APU106384" target="_blank" >RIV/00216305:26230/13:PU106384 - isvavai.cz</a>
Result on the web
<a href="http://www.fit.vutbr.cz/research/pubs/all.php?id=10382" target="_blank" >http://www.fit.vutbr.cz/research/pubs/all.php?id=10382</a>
DOI - Digital Object Identifier
—
Alternative languages
Result language
angličtina
Original language name
Improving security in SCADA systems through firewall policy analysis
Original language description
Many of modern SCADA networks are connected to both the company's enterprise network and the Internet. Because these industrial systems often control critical processes the cyber- security requirements become a priority for their design. This paper deals with network communication security in SCADA environment implemented by firewall devices. We proposed a method for verification of firewall configurations against security policy to detect and reveal potential holes in implemented rule sets. We present a straightforward verification method based on representation of a firewall configuration as a set of logical formulas suitable for automated analysis using SAT tools. We demonstrate how such configuration can be analyzed for security policy violation that can be inferred from security policy specification of an industrial automation system.
Czech name
—
Czech description
—
Classification
Type
D - Article in proceedings
CEP classification
—
OECD FORD branch
10201 - Computer sciences, information science, bioinformathics (hardware development to be 2.2, social aspect to be 5.8)
Result continuities
Project
<a href="/en/project/TA01010632" target="_blank" >TA01010632: SCADA System for Real-time Control and Monitoring of Processes</a><br>
Continuities
Z - Vyzkumny zamer (s odkazem do CEZ)<br>S - Specificky vyzkum na vysokych skolach
Others
Publication year
2013
Confidentiality
S - Úplné a pravdivé údaje o projektu nepodléhají ochraně podle zvláštních právních předpisů
Data specific for result type
Article name in the collection
Proceedings of the Federated Conference on Computer Science and Information Systems
ISBN
978-1-4673-4471-5
ISSN
—
e-ISSN
—
Number of pages
6
Pages from-to
1435-1440
Publisher name
IEEE Computer Society
Place of publication
Krakow
Event location
Krakow
Event date
Sep 8, 2013
Type of event by nationality
WRD - Celosvětová akce
UT code for WoS article
—