Cybersecurity Algorithms for Supervisory Control and Data Acquisitions and Industrial Control Systems

Summary: The innovative methods and system of enhancing cybersecurity in networks and, in particular, in control systems including Supervisory Control and Data Acquisition (SCADA) systems and Industrial Control Systems (ICS), which are the backbones f…

Summary:
The innovative methods and system of enhancing cybersecurity in networks and, in particular, in control systems including Supervisory Control and Data Acquisition (SCADA) systems and Industrial Control Systems (ICS), which are the backbones for monitoring and supervising factories, power grids, water distribution systems, nuclear plants, and other critical infrastructures.

Description:
The ICS and SCADA systems are the backbones for monitoring and supervising factories, power grids, water distribution systems, nuclear plants, and other critical infrastructure. Malicious attacks on such systems can present significant economic risk to stakeholders. However, in some cases, they can also present risk to human safety and even further, in some application, there could be local, or even national security risks from disruption or failure of such control systems. The invention relates to methods and system of enhancing cybersecurity in networks and, in particular, in control systems including Supervisory Control and Data Acquisition (SCADA) systems and Industrial Control Systems (ICS).

There are three main contributions related to this technology:
Automated Network Device and Vulnerability Identification (ANDVI):  Analyzes both the transmitted packets (a packet normally represents the smallest amount of data that can traverse over a network at a single time) and communication pattern in the SCADA network, which is used to generate a “fingerprint” for the system devices to identify them.

Automatic Attack Graph Generation and Visualization (A2G2V):  Constructs an “attack graph” from the source to the terminal by identifying the sets of all sequences of attacks exploiting device vulnerabilities that an attacker may use to compromise the system

Strongly Connected Component Induced Min Label Cut (SCCiMLC):  Analyzes the attack graphs to identify the minimal attack sets that need to be prevented to secure the system.  This creates a “tree” of the “strongly connected components” (SCC) and then performs an iterative backward search over the tree to find backward-accessible SCC’s.

Advantage:
• Improves network and control system security 
• Add-on to existing software 
• No significant investment required

Application:  
A software developer provides the software to either a third-party software distributor or directly to the end user, which could be utility companies or to manufacturing companies. Likely licensee: Software developer or software distributor. Likely end user: The ICS and SCADA systems are the backbones for monitoring and supervising factories, power grids, water distribution systems, nuclear plants, and other critical infrastructures.

Patent:
Patent(s) applied for

Desc0000.png 

Stage2.png 
Development Stage: 
What can be currently provided to a commercial partner is mainly the method and algorithm, and in addition, a prototype code for the methods and algorithms can be provided, and demonstrated as well. The PI has suggested that he can also work with a partner to further refine the algorithm to suit their application.

Website:

http://isurftech.technologypublisher.com/technology/45853

Contact Information:

TTO Home Page: http://isurftech.technologypublisher.com

Name: Jack Hartwigsen

Title: Technology Marketing Manager

Department: Iowa State Research Foundation

Email: jackh1@iastate.edu

Phone: 515-294-4740