Author:
Nunes Matthew, Kayan Hakan, Burnap Pete, Perera Charith, Dykes Jason
Abstract
Due to an increase in the number of attacks on Industrial Control Systems (ICS), the security of these systems is now of paramount concern. Many solutions have been proposed to defend such systems, particularly those adopting Machine Learning (ML). The goal of this study is to increase the likelihood of such solutions being deployed into a real environment. As part of that, multiple interviews were held with industry experts who have been embedded within ICS cyber-security for decades. The findings revealed that the current security solutions for ICS lack the sophistication required to be adopted, due to flawed assumptions made about the end-user. Therefore, this work provides personas of each end-user group within ICS that need to be taken into consideration when designing a security solution. In addition, wireframes are provided showing what a desired solution could look like. It is hoped that sharing these findings will inform those working within this space and increase the likelihood of their solutions being adopted within a real environment. Furthermore, the expert panel requested a number of features that do not currently exist within the ICS cyber-security space; by sharing these with the wider community, it is hoped that the field will move closer towards providing solutions containing these features.
Funder
Engineering and Physical Sciences Research Council