Abstract: Approach for Securing Industrial Control Systems

The omnipresence of and reliance on Industrial Control Systems, coupled with the steadily increasing number of cyber-attacks against these key systems, give cause for great concern. Although often located behind the scenes, Industrial Control Systems are vitally important to maintaining operations in industries such as electric, water, oil, energy, chemical, transportation, food, and manufacturing. These systems are often critical, highly interconnected, and mutually dependent. Unfortunately, updating or replacing an Industrial Control System is not always an option due to a number of factors, including system complexity, dependencies, and lack of knowledge. There is a demand for a solution capable of securing dated Industrial Control Systems while providing system state awareness. As demonstrated by Stuxnet, there is a pressing need for a rapidly deployable (one to three years) system able to defend Industrial Control Systems against both simple and complex cyber-attacks. Research and analysis at the Johns Hopkins University Applied Physics Lab has yielded a general framework and approach for backfitting and securing dated Industrial Control Systems while improving real-time situational awareness of these systems.

The approach centers on intelligently incorporating existing technologies such as firewalls, deep packet inspection (DPI), encryption, and behavioral analytics to reduce exposure to, and the probability of, a damaging cyber-attack. Each investigated technology provides one facet of an adequate cyber defense. For example, encryption provides system and data confidentiality, while correctly implemented DPI and a firewall can enforce device integrity. Properly integrating these technologies into a single solution increases system security to a greater degree than any single technology can provide alone. Many of these technologies were not designed for the unique demands of an Industrial Control System environment. Therefore, analysis and tests were conducted to determine how best to integrate existing and predicted future technologies into a unified security system. The approach was verified using real-world industrial systems modeled after standard industrial and military control environments.


Zachary Birnbaum received B.S. (2012) and Ph.D. (2015) degrees in Electrical Engineering from Binghamton University.  He is currently a researcher at the Johns Hopkins University Applied Physics Lab and an Adjunct Faculty Member of the Johns Hopkins University Whiting School of Engineering. His research areas include Cyber Physical Systems security, behavioral analysis, and cyber threat modeling.