Increasing Visibility of IEC 104 Communication in the Smart Grid

Kód výsledku v IS VaVaI

<a href="https://www.isvavai.cz/riv?ss=detail&h=RIV%2F00216305%3A26230%2F19%3APU134160" target="_blank" >RIV/00216305:26230/19:PU134160 - isvavai.cz</a>

Výsledek na webu

<a href="https://www.scienceopen.com/document?vid=0ba50e72-98fe-4bbf-b683-6107a28c4df4" target="_blank" >https://www.scienceopen.com/document?vid=0ba50e72-98fe-4bbf-b683-6107a28c4df4</a>

DOI - Digital Object Identifier

<a href="http://dx.doi.org/10.14236/ewic/icscsr19.3" target="_blank" >10.14236/ewic/icscsr19.3</a>

Jazyk výsledku

angličtina

Název v původním jazyce

Increasing Visibility of IEC 104 Communication in the Smart Grid

Popis výsledku v původním jazyce

Energy systems like smart grids are part of critical infrastructure and their interruption or blackout may have fatal consequences on energy production, distribution, and eventually the life of individual people. In order to secure communication in Industrial Control Systems (ICS) and detect cyber attacks on smart grids, we need to increase visibility of ICS communication so that an operator can see what commands are sent between ICS devices. Security monitoring of ICS transmission requires (i) retrieving monitoring data from ICS packets, (ii) processing and analyzing extracted data, (iii) visualizing the passing communication to the operator. The  proposed work presents a concept of ICS flow monitoring system that extracts meta data from ICS packet headers and creates ICS flow records similarly to Netflow/IPFIX system. ICS flows represent communication in the smart grid network that is further visualized using dashboard and communication charts. Unlike traditional monitoring approach that works with network and transport layer data only, we extend flow monitoring to application layer with focus on ICS protocols. The proposed approach is demonstrated on monitoring IEC 60870-5-104 communication.

Název v anglickém jazyce

Increasing Visibility of IEC 104 Communication in the Smart Grid

Popis výsledku anglicky

Energy systems like smart grids are part of critical infrastructure and their interruption or blackout may have fatal consequences on energy production, distribution, and eventually the life of individual people. In order to secure communication in Industrial Control Systems (ICS) and detect cyber attacks on smart grids, we need to increase visibility of ICS communication so that an operator can see what commands are sent between ICS devices. Security monitoring of ICS transmission requires (i) retrieving monitoring data from ICS packets, (ii) processing and analyzing extracted data, (iii) visualizing the passing communication to the operator. The  proposed work presents a concept of ICS flow monitoring system that extracts meta data from ICS packet headers and creates ICS flow records similarly to Netflow/IPFIX system. ICS flows represent communication in the smart grid network that is further visualized using dashboard and communication charts. Unlike traditional monitoring approach that works with network and transport layer data only, we extend flow monitoring to application layer with focus on ICS protocols. The proposed approach is demonstrated on monitoring IEC 60870-5-104 communication.

Druh

D - Stať ve sborníku

CEP obor

—

OECD FORD obor

20206 - Computer hardware and architecture

Projekt

<a href="/cs/project/TF03000029" target="_blank" >TF03000029: Monitorování a digitální forenzní analýza prostředí IoT (IRONSTONE)</a><br>

Návaznosti

P - Projekt vyzkumu a vyvoje financovany z verejnych zdroju (s odkazem do CEP)

Rok uplatnění

2019

Kód důvěrnosti údajů

S - Úplné a pravdivé údaje o projektu nepodléhají ochraně podle zvláštních právních předpisů

Název statě ve sborníku

6th International Symposium for ICS & SCADA Cyber Security Research 2019

ISBN

978-1-78017-523-2

ISSN

—

e-ISSN

—

Počet stran výsledku

10

Strana od-do

21-30

Název nakladatele

BCS Learning and Development Ltd.

Místo vydání

Swindon

Místo konání akce

Athens

Datum konání akce

10. 9. 2019

Typ akce podle státní příslušnosti

WRD - Celosvětová akce

Kód UT WoS článku

—