[go: up one dir, main page]
More Web Proxy on the site http://driver.im/
Skip to main content

Design of Industrial Firewall System Based on Multiple Access Control Filter

  • Conference paper
  • First Online:
Frontier and Innovation in Future Computing and Communications

Part of the book series: Lecture Notes in Electrical Engineering ((LNEE,volume 301))

Abstract

Although existing control systems have been developed and operated independently, the development of information technology has made access to control systems easier. Note, however, that such advancement of control systems gave rise to many security vulnerabilities; thus, the threat of cyber-attack is increasing as well. Since availability is the most critical factor in a control system, independent network security technology is most appropriate. The leading security device in such form is the firewall system. Therefore, this paper discusses the design and application of the IndusCAP-Gate (Industrial Cyber Attack PreventionGate) system, an industrial firewall system that fundamentally prevents unauthorized access to a control system. It applies access control filters of various levels to provide flexible and clear access control functionality. Most of all, the proposed system—unlike an IT firewall that implements access control to an unspecified mass—has a structure that facilitates the provision of security policy specific to each zone of the control system intranet used for access control of the specific system and service.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Subscribe and save

Springer+ Basic
£29.99 /Month
  • Get 10 units per month
  • Download Article/Chapter or eBook
  • 1 Unit = 1 Article or 1 Chapter
  • Cancel anytime
Subscribe now

Buy Now

Chapter
GBP 19.95
Price includes VAT (United Kingdom)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
GBP 199.50
Price includes VAT (United Kingdom)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
GBP 249.99
Price includes VAT (United Kingdom)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info
Hardcover Book
GBP 249.99
Price includes VAT (United Kingdom)
  • Durable hardcover edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Similar content being viewed by others

References

  1. Yoon J, Kim W, Seo J (2012) Control system network security technology trend. 22(5):22–27

    Google Scholar 

  2. Yoo H, Yoon J, Sohn T (2013) Whitelist-based technique to detect abnormal situation for control system security. J Korea Inf Commun Soc 38B(08):641–653

    Article  Google Scholar 

  3. Yoon J, Kim W, Seo J (2012) Study on technology requirement using the technological trend of security products concerning the industrial control system. J Korea Inst Inform Secur Crytology 22(5):22–26

    Google Scholar 

  4. Zhu B, Joseph A, Sastry S (2011) A taxonomy of cyber attacks on SCADA systems. In: Proceedings of IEEE international conference on internet things (iThings/CPSCom), pp 308–388. Dalian, China, Oct 2011

    Google Scholar 

  5. Guide to Industrial Control Systems (ICS) Security. NIST Special Publication 800(82), Jun 2011

    Google Scholar 

  6. Huitsing P, Chandia R, Papa M, Shenoi S (2008) Attack taxonomies for the Modbus protocol. Int J Crit Infrastruct Prot 1:37–44

    Article  Google Scholar 

  7. Cheon Y (2009) Network design and architecture for industrial control system security. J Inf Process 19(5):60–67

    MathSciNet  Google Scholar 

  8. Tofino Security Appliance. http://www.tofinosecurity.com/products

  9. SCADA Firewall. http://www.bayshorenetworks.com/singlekey-scada-firewall.php

  10. Scalance S. http://www.automation.siemens.com

  11. mGuard. http://www.innominate.com/en/products

  12. Modbus IDA (2004) Modbus application protocol specification v1.1a. North Grafton, Massachusetts

    Google Scholar 

  13. DigitalBond’s Basecamp Project. http://www.digitalbond.com/tools/basecamp

Download references

Acknowledgments

This work was supported by the IT R&D program of MSIP/KEIT. [010041560, A development of anomaly detection and a multi-layered response technology to protect an intranet of a control system for the availability of pipeline facilities].

Author information

Authors and Affiliations

Authors

Corresponding author

Correspondence to Byoungkoo Kim .

Editor information

Editors and Affiliations

Rights and permissions

Reprints and permissions

Copyright information

© 2014 Springer Science+Business Media Dordrecht

About this paper

Cite this paper

Kim, B., Kang, DH., Na, JC., Chang, BH., Chung, TM. (2014). Design of Industrial Firewall System Based on Multiple Access Control Filter. In: Park, J., Zomaya, A., Jeong, HY., Obaidat, M. (eds) Frontier and Innovation in Future Computing and Communications. Lecture Notes in Electrical Engineering, vol 301. Springer, Dordrecht. https://doi.org/10.1007/978-94-017-8798-7_64

Download citation

  • DOI: https://doi.org/10.1007/978-94-017-8798-7_64

  • Published:

  • Publisher Name: Springer, Dordrecht

  • Print ISBN: 978-94-017-8797-0

  • Online ISBN: 978-94-017-8798-7

  • eBook Packages: EngineeringEngineering (R0)

Publish with us

Policies and ethics