• English
  • Deutsch
  • Log In
    or
  • Research Outputs
  • Projects
  • Researchers
  • Institutes
  • Statistics
Repository logo
Fraunhofer-Gesellschaft
  1. Home
  2. Fraunhofer-Gesellschaft
  3. Konferenzschrift
  4. Automated Incident Response for Industrial Control Systems Leveraging Software-defined Networking
 
  • Details
  • Full
Options
2019
Conference Paper
Titel

Automated Incident Response for Industrial Control Systems Leveraging Software-defined Networking

Abstract
Modern technologies and concepts for Industrial Control Systems (ICS) are evolving towards high flexibility of processes and respectively networks. Such dynamic networks are already functioning well, for example in data centres. This is enabled by application of the Software-defined Networking (SDN) paradigm. For this reason, ICS is currently adopting SDN. The concept of having a centralized view of the network and generating packet forwarding rules to control it enables performing automated responses to network events and classified incidents via SDN. This automation can provide timely and, due to the holistic view of the network, accurate incident response actions. However, availability, safety, real-time and redundancy requirements within the ICS domain restrict the application of such an automated approach. At present, SDN-based incident response (SDN-IR) does not take into consideration these requirements. In this work, we identify possible SND-based response actions to ICS incidents and introduce classification of assets and links. Furthermore, we present a concept for SDN-IR where a predefined rule set restricts the response actions based on the asset's classification thereby satisfying ICS specific requirements. Subsequently, we describe and evaluate a prototype implementation of this concept, built with the open-source SDN platform OpenDaylight and the SDN protocol OpenFlow.
Author(s)
Patzer, Florian
Meshram, A.
Heß, M.
Hauptwerk
ICISSP 2019, 5th International Conference on Information Systems Security and Privacy
Konferenz
International Conference on Information Systems Security and Privacy (ICISSP) 2019
DOI
10.5220/0007359503190327
File(s)
N-543657.pdf (368.33 KB)
Language
English
google-scholar
Fraunhofer-Institut für Optronik, Systemtechnik und Bildauswertung IOSB
Tags
  • incident response

  • SDN security

  • industrial control sy...

  • ICS Security

  • software-defined netw...

  • Cookie settings
  • Imprint
  • Privacy policy
  • Api
  • Send Feedback
© 2022