ABSTRACT

The past decades have witnessed the migration from proprietary standards for communications towards open international standards for modern critical infrastructures. However, it is difficult to update software and hardware applications for legacy control systems. Malicious attackers, on the other hand, can easily launch an attack since the amount of knowledge needed to successfully execute an attack is decreasing. As a consequence, many incidents related to damages of cyber attacks on Industrious Control Systems (ICSs) have already been reported in [70]. In [40], the air traffic control system tower at Worcester Regional Airport (MA) USA was shut down by a hacker. In [129], it has been reported that the power grid in the U.S. was penetrated by cyber spies and some key infrastructure was compromised by the intrusion. It is also reported in [129] that the Siemens SCADA systems have been attacked by the computer worm, Stuxnet. ICSs are widely used in the electric, water, oil, and gas industries and they are critical to the operation of U.S. infrastructures. The aforementioned attacks have incurred environment and financial losses. The information technologies employed in ICSs are vastly vulnerable and have a direct effect on the physical component of the system. Hence it is essential to take into account cyber security when designing ICSs.