Abstract
Interconnected industrial control system (ICS) networks based on routable protocols are susceptible to remote attacks similar to classical information technology (IT) networks. However, addressing ICS security in an isolated view is dangerous since ICSs have to ensure safety measures for people, processes, and the environment. The safety and security of ICSs are often addressed separately, without considering their important interrelation. Safety measures can violate security policies (e.g., an emergency stop function accessible by anyone); likewise, a security incident can violate safety policies (e.g., by increasing reaction time). In this article, we propose a network-based intrusion detection system with the interrelation between safety and security in mind. It detects security incidents while evaluating possible safety-related consequences of both the detected attack and possible countermeasures. We evaluate our approach with a Proof of Concept (PoC). The alerts generated by the PoC prototype serve as the basis for a risk management strategy proposed in this article. Our approach provides a basis for safety-aware intrusion detection in smart factories and other cyber-physical systems.
Author supplied keywords
Register to see more suggestions
Mendeley helps you to discover research relevant for your work.
Cite
CITATION STYLE
Brenner, B., Hollerer, S., Bhosale, P., Sauter, T., Kastner, W., Fabini, J., & Zseby, T. (2023). Better Safe Than Sorry: Risk Management Based on a Safety-Augmented Network Intrusion Detection System. IEEE Open Journal of the Industrial Electronics Society, 4, 287–303. https://doi.org/10.1109/OJIES.2023.3297057
Readers over time
Readers' Seniority
Readers' Discipline
